from:"Yaroslav Halchenko"

On Mon, Oct 03, 2005 at 10:20:23PM -0700, Joshua Rodman wrote:
 What was done before was the line was scanned for anything which
 resembles an IP address.  What I am suggesting is a regex which
 specifies where in the line the IP address should be.  
how would you specify where? if you are thinking about something like
from IP regex or fixed position, that will not work, because
intruder can provide a login name with from IP regex and log line is

Oct  4 09:41:14 sonyboy sshd[18226]: Invalid user from 10.0.0.1 from 127.0.0.1
Oct  4 09:41:14 sonyboy sshd[18226]: Failed none for invalid user from 10.0.0.1 
from 127.0.0.1 port 52417 ssh2

So, as I said, I don't see a generic way around that besides using fully
specified regex'es. May be upstream will have something nice in mind

To say the truth python regexes are not that diificult. May be I should
provide a crash-course on them in 5-10 lines in the config file
describing used by me constructs. Something like

Symbols:
 [...] -- set of symbols
 \S -- non-space symbol
 . -- any symbol
Enumerators: 
 ? -- 0 or 1 occurance of patter
 * -- 0 or more occurances of previous regex
 {n,m} -- from n to m occurances of the pattern
Grouping: 
 | -- logical OR -- matching any of the mentioned patterns within a
  group
 (?:...) -- group which doesn't enter the set of numbered/named groups
 (?Pname1...) -- named as name1 group. Curently all named groups are
  considered as placeholders of IP addresses

Would it make easier to grasp failregex'es now?
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpq4pDQIGgUq.pgp
Description: PGP signature

Bug#331695: fail2ban: Note possible need to modify firewall rules

Would  you mind me  merging this bug with
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329163
?
they seems to be about the same problem
or I misinterpreted it?
and btw note about it is included in README.Debian since 0.5.2-5 :-)
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpovE4gHU2dI.pgp
Description: PGP signature

Bug#331695: fail2ban: Note possible need to modify firewall rules

On Tue, Oct 04, 2005 at 11:29:45AM -0700, Ross Boylan wrote:
 concerns the program operation and endless loop.  This one concerns
 primarily user information (which may have been addressed) and the
 problem that the firewall rules become ineffective if the main INPUT
 chain is altered so at to deleted the references to the fail2ban
 rules.
yeap -- and that would lead to the absent chain, all failed login
attempts will continue to flow, fail2ban will disregard them because it
thinks that they are banned, unban will fail because there is no chain,
and infinite loop situation can occur
Is that right?

The both bugs are grown from the same fact that if a user ( or
outside of fail2ban firewal etc) changes iptables INPUT chain, fail2ban
cannot function properly.

During startup fail2ban starts up after networking and all firewalls
(which supposed to be started from /etc/rcS.d/ if I'm not wrong) so
general user should be fine as far as he doesn't restart the firewall or
wipes out INPUT manually.

 In other words, 329163 is about infinite loops, while this concerns
 failure to run at all.
Otherwise, If something like that happens, fail2ban renders unusable
and might loop endlessly. That is why I considered both bug reports to
be the same because the source of the problem is the same.

 Also, this bug/wish has some ideas about program functionality.  You
 may or may not wish to pursue those ideas.
indeed. we had an idea to include a check for existing chain before every
operation with iptables... for now we just limited the solution by the
note in README.Debian. Hopefully soon (if there will be not that many
bug reports) recent fail2ban will get into testing, thus the others will
see that note :-)


-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgphv2TYMRIIp.pgp
Description: PGP signature

Bug#331695: fail2ban: Note possible need to modify firewall rules

 I'm probably not aware of all the implications of different
 misconfigurations, but I thought 329163 was about the problems that
 happen if, for example, fail2ban-ssh is missing.  In contrast, in the
 case I'm thinking of, fail2ban-ssh (the table) is present, but there
 are no references to it from the INPUT table.
You do have deeper understanding of the problem and outcomes than I do
;-) I didn't bother to bisect the problem in two (missing fail2ban
chaing, missing -j to the chain) because either of them is bad. You are
100% right that outcomes are different, but I think that the solution to
both bug reports should come as a 1 piece ;-)

 My understanding of 329163, or even the consequences of the scenario I
 describe, may be faulty.  I agree that both problems arise from the
 general category somebody messes with the tables after fail2ban runs.
  note in README.Debian. Hopefully soon (if there will be not that many
  bug reports) recent fail2ban will get into testing, thus the others will
  see that note :-)

 This wish was mostly for some more documentation, so if it's already
 done my wish has been granted :)
I might adjust README.Debian to reflect the two-fold problem as you
brought it up. So, in any way, discussion was useful - thank you.
I will merge this bug with #329163 so we the issue open till we fix it
in a proper way

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpp0OzKUNzTn.pgp
Description: PGP signature

Bug#333056: fail2ban 0.5.4-5 fails to ban

2005-10-09 Thread Yaroslav Halchenko

On Mon, Oct 10, 2005 at 01:56:50PM +0900, kazuki wrote:
 Package: fail2ban
 Version: 0.5.4-5
 Severity: important


 With the new failregex line in the config file, fail2ban fails to ban ssh 
 accesses by illegal users.
Yeap :-) It has being worked on due to the report from the user who
didn't use BTS (bad boy rrr). BTW - when do you experience Illegal
users but no failed authentication reports? What is your loglevel in
sshd_config? do you permit password authentication (also what is UsePAM
in sshd_config?)

Please try the version from
http://itanix.rutgers.edu/rumba/dists/unstable/perspect/binary-all/net/
and report if it works for you

Thank you in advance

 Furthermore, modifying the failregex probably doesn't prevent the security 
 breach(#330827).
any example when it would leak? If it does, please report and also check
with the version from the URL above

 fail2ban itself rather than the fairegex must be changed to parse
 failure log more strictly so that it can obtain the real IP address at
 the end of the line, not the IP-like user name.
Well - That is what modified failregex is doing. And there was a 2
line modification of code itself ;-) It doesn't scan for an IP in the
line (actually it does if a user didn't upgrade config file, but it
issues a far warning in that case).
But IP can be in any place in the line, so anything simple like at the
end of the line, or after rhost=, doesn't really work or at least
doesn't generalize well ;-))

Failregex now defines a group host which is very strict as for
defining  possible location of the IP.  Also in the version from the
mentioned URL I've restricted it a bit more (included colon at the
beginning), so during  my tests, no nasty login could confuse the
parser.

Thank you in advance for output regarding this issue
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpuNUoWMmkXC.pgp
Description: PGP signature

Bug#329163: fail2ban: fails to handle missing chain

2005-10-12 Thread Yaroslav Halchenko

Hi

I've hacked a fix for the problem of missing chain. Could you please
try the most recent version (not yet in Debian mainstream) available
from

http://itanix.rutgers.edu/rumba/dists/unstable/perspect/binary-all/net/

While upgrading you might need to update your config file with a fresh
one shipped with the package (as the WARNING might state)

I would greatly appreciate your feedback.

Cheers
Yarik

On Tue, Sep 20, 2005 at 10:37:55AM +1000, Aaron Howell wrote:
 Package: fail2ban
 Version: 0.5.3-1
 Severity: normal

 Fail2ban will go into an endless loop trying to ban an ip address,
 if the chain it is expecting to find is no longer valid (for example if a 
 user restarts iptables).
 On a busy system this has the potential to quickly fill up the log or mail 
 spool.
 It should instead report an error to its log or by mail and gracefully fail, 
 or, re-create its own chain if possible.

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpv1U97YFLim.pgp
Description: PGP signature

Bug#336449: fail2ban: Mails have Date: header in GMT timezone

2005-10-31 Thread Yaroslav Halchenko

Please check out the fresh package from
http://itanix.rutgers.edu/rumba/dists/unstable/perspect/binary-all/net/
it is supposed to do what you want (if you upgrade config file as well
since default behaviour upstream should remain  as it was before I
think)

Please report back if it fixes the issue and then I will dupload it

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpqBIkSI9Yvb.pgp
Description: PGP signature

Bug#334272: fail2ban: returned ERROR 256 from iptables

2005-10-16 Thread Yaroslav Halchenko

It seems that you are experiencing missing chain problem: your
fail2ban rules get erased by your firewall on its restart


 And:
 /etc/init.d/fail2ban status
 Status of fail2ban: fail2ban is running.

 But:
 iptables -L of course shows the absence of the fail2ban lines.
but is there fail2ban or not? status says on the status of the process,
not the state of iptables rules...


please go through
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331695
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329163

to confirm that it is the same issue of fail2ban rules being erased by
external means (firewall) (so I can merge your bug with them or
just close it)

Also please give a try alpha version available from
http://itanix.rutgers.edu/rumba/dists/unstable/perspect/binary-all/net/
which will be uploaded to unstable soon

-- 
Yarik
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpMQRTBWJUxC.pgp
Description: PGP signature

Bug#334272: Did not start [was Re: Bug#334272: fail2ban: returned ERROR 256 from iptables]

2005-10-18 Thread Yaroslav Halchenko

On Tue, Oct 18, 2005 at 10:08:53AM -0400, Ralph Katz wrote:
 Yesterday using 0.5.4-5.14, valid ssh logins worked fine, and ssh
 attacks were correctly prevented.

 Maybe fail2ban starts too soon?
That would be my guess too. fail2ban boots in   rc2.d, so all relevant
modules should be loaded by that time. I hope you don't use any
fast-boot tricks as to boot init scripts in parallel ()?

Anyway I should fix fail2ban to don't fail that miserably in the case
when iptables is not available at the start time. But I'm not sure what
should I do about iptables detection because fail2ban itself is
independent of specific firewalling solution -- commands are given in
the config file. I might want to add something like

waitCmd 
waitTime

so fail2ban runs waitCmd for waitTime seconds (sleeping a second between
runs) and if waitCmd never succeeds - exits, reporting the error.
That would prevent your cases from happening...

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpeCPI54zwVG.pgp
Description: PGP signature

Bug#331695: Bug#329163: fail2ban: fails to handle missing chain

2005-10-18 Thread Yaroslav Halchenko

 My style is to keep my old config file and then merge in the changes
 and restart after the main install is done.
whatever works for you is good with me :-)

 1. The most substantive thing I notice is that the ignoreip
 configuration setting does not seem to be used--that is, I see no sign
 of it in my iptables -nvL rules.  I have that option set, though it's
 set to the same value as the default (I set it before the current
 default was in effect.)
it is considered inside fail2ban without bothering external firewall --
ignoreip's get ignored. If you want to enforce it on the level of
firewall - use fwstart to hardcode them inside the firewall

 2. You have a number of multi-line options without the \ character in
 the config file.  E.g., fwend.  Do the later lines actually get used?
 A related question: do the multiple lines of, e.g., fwcheck, all get
 used appropriately?
yes they are used appropriately... if your increase verbosity
level you see them in the logs

 3. The [EMAIL PROTECTED] should solve the mail problems, but it is
I'm opened for further suggestions (patches are lovely) and wishlist bugs :-)

 4. The latest Debian changelog entry includes
 Should both of those fwban's be there?  It would be more idiomatic to
 delete the if after in case.
thank you for corrections :-) 2nd fwban should be fwunban
I will update the changelog entries

   * Resolved the mistery
 The word is mystery.
thanks once again :-)

 case, though I think it was (since it's only a warning).  To clarify
 this, you might add defaulting to maxreinits = -1 or whatever the
 default behavior is.  As I mentioned, I subsequently edited the
 configuration file and restarted the demon.
Hm... not a bad idea... now you made be to fire up emacs and fix things
up :-) Change will be reflected in the Debian release 

Thank you for your feedback

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgprnYuKAn317.pgp
Description: PGP signature

Bug#334272: Did not start [was Re: Bug#334272: fail2ban: returned ERROR 256 from iptables]

2005-10-18 Thread Yaroslav Halchenko

On Tue, Oct 18, 2005 at 03:45:23PM -0400, Ralph Katz wrote:
 As a non-programmer, I can't judge your proposed solution.  Meanwhile
 I'll check /var/log/fail2ban and restart fail2ban manually if needed
 after each system reboot.
no need. for you if the cause is really missing iptables by the time
fail2ban starts due to slowness of the machine, just add 
sleep 2
to 
/etc/defaults/fail2ban

it will delay your boot by 2 seconds but hopefully it will resolve the
issue. If it doesn't, then it is something else and we need to pin the
problem down

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpf7ki0Bu9PF.pgp
Description: PGP signature

Bug#339133: fail2ban: Race condition in default fwstart

2005-11-14 Thread Yaroslav Halchenko

Thank you for the bug report Jefferson,

I believe that next patch in the config file should fix things up
It will be uploaded with a next dupload ;-)

Cheers
Yarik


--- config/fail2ban.conf.default(revision 285)
+++ config/fail2ban.conf.default(working copy)
@@ -198,8 +198,8 @@
 # Values:  CMD  Default:
 #
 fwstart = iptables -N fail2ban-http
+  iptables -A fail2ban-http -j RETURN
   iptables -I INPUT -p tcp --dport http -j fail2ban-http
-  iptables -A fail2ban-http -j RETURN

 # Option:  fwend
 # Notes.:  command executed once at the end of Fail2Ban
@@ -276,8 +276,8 @@
 # Values:  CMD  Default:
 #
 fwstart = iptables -N fail2ban-ssh
+  iptables -A fail2ban-ssh -j RETURN
   iptables -I INPUT -p tcp --dport ssh -j fail2ban-ssh
-  iptables -A fail2ban-ssh -j RETURN

 # Option:  fwend
 # Notes.:  command executed once at the end of Fail2Ban

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpgrtBLo4qkl.pgp
Description: PGP signature

Bug#337052: ITP: denyhosts -- script to block SSH brute-force dictionary attacks

2005-11-18 Thread Yaroslav Halchenko

Just FYI that there is a similar in purpose tool in Debian already. So if you
are eager to get such a service asap before denyhosts gets into debian
please consider fail2ban:
 
Package: fail2ban
Priority: optional
Section: net
Installed-Size: 240
Maintainer: Yaroslav Halchenko [EMAIL PROTECTED]
Architecture: all
Version: 0.5.4-9
Depends: python, iptables
Filename: pool/main/f/fail2ban/fail2ban_0.5.4-9_all.deb
Size: 32334
MD5sum: 289a8a3e9b42f505bab9403ace7fc16c
Description: bans IPs that cause multiple authentication errors
 Monitors (in daemon mode) or just scans log files (e.g. /var/log/auth.log,
 /var/log/apache/access.log) and temporarily bans failure-prone
 addresses by updating existing firewall rules.  Currently, by default,
 supports ssh/apache but configuration can be easily extended for scanning
 the other ASCII log files. Firewall rules are given in the config file,
 thus it can be adopted to be used with a variety of firewalls (e.g. iptables,
 ipfwadm).
 .
 Homepage: http://www.sourceforge.net/projects/fail2ban

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpU5ZCIKP1qe.pgp
Description: PGP signature

Bug#400607: reports Couldn't load package calamaris::calBars3d

2006-12-05 Thread Yaroslav Halchenko

Sure thing -- find it attached

  But regardless, I had a configured calamaris setup, I upgraded it
  - it broke.  That is already an incompatibility, right? Imagine apache
server, where during upgrade all virtual servers other than default
(which is comes shipped) disappear. Disappear just because
some missing dependency... no note during upgrade, just something
buried in README. I don't think that is the practice anyone would
like ;-) That is why NEWS file is there to announce any possible
incompatibility issues which might arise.
 Agreed. Just a quick check: could you please send me your
 /etc/cron.daily/calamaris ?

-- 
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Student  Ph.D. @ CS Dept. NJIT
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
WWW: http://www.linkedin.com/in/yarik
#! /bin/sh

set -e

# calamaris: daily cron script.
# This script should be run before the one for squid or oops. According to the
# man page of run-parts this is okay: squid and oops come after calamaris in
# the alphabet.

# Date: 1998-10-07

# DEBUG=1

CONFFILE=/etc/calamaris/cron.conf
CALAMARIS=/usr/bin/calamaris
CALAMARIS_CONF_FILE=/etc/calamaris/calamaris.conf

if [ ! -x /usr/bin/calamaris ]; then
exit 0
fi

CALAMARISOPTIONS=-a -f auto --config-file ${CALAMARIS_CONF_FILE}
HTMLOPTIONS=-F html,graph
ME=/etc/cron.daily/calamaris
WEEKFILES=forweekly.1:forweekly.2:forweekly.3:forweekly.4:forweekly.5:forweekly.6:forweekly.0

# today
DAYOFWEEK=`date +%w`
DAYOFMONTH=`date +%d | bc -l`
# WEEKOFYEAR=`date +%W`
# MONTH=`date +%B`

# read configuration file: /etc/calamaris/cron.conf
# daily
eval `awk -F: \
'(!/╗#/)  ($1 == daily) {
print DAYMAIL= $2; print DAYWEB= $3;
print DAYDO= $4; print DAYTITLE= $5;
}' $CONFFILE`
DAYWEBPATH=`dirname $DAYWEB`
DAYWEBFILE=`basename $DAYWEB`

# weekly
eval `awk -F: \
'(!/╗#/)  ($1 == weekly) {
print WEEKMAIL= $2; print WEEKWEB= $3;
print WEEKDO= $4; print WEEKTITLE= $5;
}' $CONFFILE`
WEEKWEBPATH=`dirname $WEEKWEB`
WEEKWEBFILE=`basename $WEEKWEB`

# monthly
eval `awk -F: \
'(!/╗#/)  ($1 == monthly) {
print MONTHMAIL= $2; print MONTHWEB= $3;
print MONTHDO= $4; print MONTHTITLE= $5;
}' $CONFFILE`
MONTHWEBPATH=`dirname $MONTHWEB`
MONTHWEBFILE=`basename $MONTHWEB`

# squid or oops?
CACHE=auto
eval `awk -F= \
'(!/╗#/)  ($1 == cache) {
print CACHE= $2;
}' $CONFFILE`

# look for cache log files
if [ $CACHE = auto ]; then
if [ -r /var/log/squid/access.log ]; then
CACHE=squid
CACHELOGDIR=/var/log/squid
fi
if [ -r /var/log/oops/access.log ]; then
CACHE=oops
CACHELOGDIR=/var/log/oops
fi
if [ $CACHE = auto ]; then
echo /etc/cron.daily/calamaris: no cache log files found, exiting 
cleanly
exit 0
fi
else
CACHELOGDIR=/var/log/$CACHE
if [ ! -r $CACHELOGDIR/access.log ]; then
echo /etc/cron.daily/calamaris: no cache log files found in 
$CACHELOGDIR, exiting cleanly
exit 0
fi
fi

# change to working dir
LOGDIR=/var/log/calamaris
cd $LOGDIR || exit 1

# if we need monthly or weekly reports save a summary
if [ $WEEKDO != nothing ]; then
CALAMARISOPTIONSOLD=$CALAMARISOPTIONS
CALAMARISOPTIONS=$CALAMARISOPTIONS -o forweekly.$DAYOFWEEK
# Ensure that this file exists and is empty; if there are no entries in the
# squid access.log, calamaris won't create the summary file, which causes
# problems with the weekly and monthly summaries.
: forweekly.$DAYOFWEEK
else
if [ $MONTHDO != nothing ]; then
CALAMARISOPTIONSOLD=$CALAMARISOPTIONS
CALAMARISOPTIONS=$CALAMARISOPTIONS -o formonthly.$DAYOFMONTH
fi
fi

# do the daily report
case $DAYDO in
nothing) if [ $WEEKDO != nothing ]; then
cat $CACHELOGDIR/access.log | \
nice -39 $CALAMARIS $CALAMARISOPTIONS  /dev/null
fi
;;
mail) if [ -x /usr/sbin/sendmail ]; then (
echo To: $DAYMAIL
echo From: Calamaris root
cat $CACHELOGDIR/access.log | \
nice -39 $CALAMARIS $CALAMARISOPTIONS -F mail -H $DAYTITLE
) | /usr/sbin/sendmail -t
fi
;;
web) cat $CACHELOGDIR/access.log | \
nice -39 $CALAMARIS $CALAMARISOPTIONS $HTMLOPTIONS -H $DAYTITLE \
--output-path $DAYWEBPATH --output-file $DAYWEBFILE
;;
both) cat $CACHELOGDIR/access.log | \
nice -39 $CALAMARIS $CALAMARISOPTIONS $HTMLOPTIONS -H $DAYTITLE \
--output-path $DAYWEBPATH --output-file $DAYWEBFILE
if [ -x /usr/sbin/sendmail ]; then (
echo To: $DAYMAIL
echo From: Calamaris root
cat $CACHELOGDIR/access.log | \
nice -39 $CALAMARIS $CALAMARISOPTIONS -F mail -H $DAYTITLE
) | /usr/sbin/sendmail -t
fi
;;
*) echo the 'todo' for the daily Squid report

Bug#400607: reports Couldn't load package calamaris::calBars3d

2006-12-06 Thread Yaroslav Halchenko

 Since 2.99.1.3-2 this here:
  HTMLOPTIONS=-F html,graph
 is -F html without graph. So, for most of the users, the
 problem should not arise: They upgrade from stable and have a
 version without graphics. When then want to have graphics, they
 have manually change the script and install the package.
well -- I don't mind... it is your call -- I just gave a suggestion.
Since I am not sure if most of the users are on stable at the moment,
so you might get surprised on how many would encounter the problem, then
good ones would dig into Documentation and bug tracking system to find
the cause, and, in the best case, noone would buzz you since this issue
was raisen up (now). But since MANY users use it in testing/unstable I
would just keep on recommending the proper NEWS entry so they get
alarmed... or postinst conditioning, grepping of cron file to see if
HTMLOPTIONS includes graph and necessary package is installed... If not
- fat warning. that would be the best solution, but since it requires
  hand scripting - that is up to you... feel free to close the issue -
  it is solved for me, so I am somewhat happy ;-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpoOhSIVGLbw.pgp
Description: PGP signature

Bug#372684: I believe it is obsolete to some extent now

2006-12-07 Thread Yaroslav Halchenko

Dear Submitter,

0.7. branch of fail2ban within testing/unstable has substantially
different handling of dates, and doesn't rely on python's locale
anymore which remains to be prone to this bug (see #369689 reassigned
from fail2ban long ago). I would appreciate if you confirm that fail2ban
functions as desired on your system.

thanks in advance

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpgd7PZv2WOz.pgp
Description: PGP signature

Bug#400054: Acknowledgement (Use of uninitialized value in addition (+) at /usr/bin/debmirror line 1506)

2006-12-08 Thread Yaroslav Halchenko

1 more detail: debmirror doesn't mirror any more... 
I am not sure if that is related to this bug of mine or more related to failed
checksum of Packages.diff? Fresh Packages files are not moved from .temp
:-/ and no  fresh .debs are downloaded

I still have old mirror from november although debmirror has been run
daily. so it seems I am doomed to return back to previous release and
hand patch with my patch from #369061 which was closed by this release.

Relevant information about the run of debmirror (when it doesn't mirror)
can be fetched from 

http://www.onerussian.com/Linux/bugs/400054/debmirror.debug.20061208-1

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpDrokSk3kHt.pgp
Description: PGP signature

Bug#402180: keyjnote: fresh upstream

2006-12-08 Thread Yaroslav Halchenko

Package: keyjnote
Version: 0.8.2-1
Severity: wishlist

Hi Florian

Thanks so much for packaging this candy ;-)

Since it is so addictive I can't resist emailing you to tell that there
has being 0.8.3 out for a while ;-)

thanks in advance

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages keyjnote depends on:
ii  gs-afpl [gs] 8.53-1  The AFPL Ghostscript PostScript in
ii  gs-esp [gs]  8.15.3.dfsg.1-1 The Ghostscript PostScript interpr
ii  gs-gpl [gs]  8.54.dfsg.1-5   The GPL Ghostscript PostScript int
ii  python   2.4.4-1 An interactive high-level object-o
ii  python-imaging   1.1.5-11Python Imaging Library
ii  python-opengl2.0.1.09.dfsg.1-0.2 Python bindings to OpenGL
ii  python-pygame1.7.1release-4  SDL bindings for games development

keyjnote recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402269: jsmath: French debconf templates translation

Thank you Jean-Luc!

Is there any reason why you excluded license comment?
,--
| # This file is distributed under the same license as the PACKAGE
| # package.
`---
Would it be ok if I place it back?  ;-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpka3O1UiiPr.pgp
Description: PGP signature

Bug#402269: jsmath: French debconf templates translation

 Is there any reason why you excluded license comment?
 ,--
 | # This file is distributed under the same license as the PACKAGE
 | # package.
 `---
 Would it be ok if I place it back?  ;-)
 No, there is no reason. There are a template header. This part of the header 
 is not filled automatically and I was to lazy to fill it by hand. :-/
ok - then I place it back so you agree to release your translation under
the same terms as jsmath is released

 I've an other remark, toy sujjest to do: rc.d webserver restart  to restart 
 the web server.
 The usage of rc.d is normally done by scripts, the humans should use the 
 scripts found in /etc/init.d. This is why my translation is:
 /etc/init.d/webserver═restart
did you? rr... that is not good to change the meaning of the sentence.
If you feel that something has to be corrected - file another bug
stating that - then we would discuss it and presumably fix in all
translations.

I prefer invoke-rc.d way so it is  obeying runlevel constraints
as well as any local policies set by the system administrator.

Could you please correct the file and send it back to me? I don't want
to mess things up since I see some unrecognized characters there ;-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpGBD93sDiyc.pgp
Description: PGP signature

Bug#402269: jsmath: French debconf templates translation

Great!

Thank you Jean-Luc for your help! fr.po will see fail2ban within few
days in the fresh debian release ;-) I also added a license terms line:
# This file is distributed under the same license as the jsmath package.
Since otherwise, I guess, I could not distribute it...

 Ok, sorry for the change. It has been done after some discussion on the 
 debian-l10n-french.
Hm... interesting and bothersome since as I described - that is a
functional change, not a pure translation any more.

 Could you please correct the file and send it back to me? I don't want
 to mess things up since I see some unrecognized characters there ;-)
 Please find attached the corrected version.

 The unrecognized characters [tm] are non-breaking spaces. They are used 
 with French typographics rules toether with : ; б╚ б╩ ! ? to avoid 
 orphaned signs at the beginning of a line.
Hm. interesting -- are there any such in English? :-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402350: fail2ban: NEWS.Debian confusions

Hi Ross,

Thank you for taking a moment to help me with this NEWS entry.

 The NEWS.Debian for the recent changes refers to
 /etc/defaults/fail2ban.  I think that's a typo, and
 /etc/default/fail2ban is intended.
indeed... and 10:31:15 seems to be not that late an night, so I am not
sure how that slipped through my fingers ;-)

 I think even with that correction, the current description is somewhat
 confusing.
Agree -- I like your wording better. So, I hate to, but IMHO I should
simply replace old entry instead of adding another one. Otherwise it
would bring more confusion and/or unnecessary warning for those who
already upgraded to post 0.7.1-1. What would you say about few
changes I've introduced in your tentative entry. I hope I didn't screw
it up too bad


fail2ban 0.7 is a complete rewrite of the 0.6 version, and if you
customized any of provided configuration or startup files
(/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban),
please read further. The configuration scheme has changed upstream:
0.7 ignores /etc/fail2ban.conf and instead uses a split configuration
under /etc/fail2ban/. To retain your customizations, for example to
monitor anything other than sshd, you will need to set them under that
new directory; use *.local files for customizations. Please see
/usr/share/doc/fail2ban/README.Debian.gz and
http://fail2ban.sourceforge.net for further description of new
configuration scheme. Detailed documentation is under development (see
#400416).  When you are satisfied with the new settings, please delete
/etc/fail2ban.conf to avoid confusion.  Fail2ban 0.7 uses
client/server architecture and fail2ban-client is to substitute
fail2ban command to provide an interface between the user and
fail2ban-server. That is why some command line parameters present in
fail2ban 0.6 are invalid in fail2ban-client. Such change affects
/etc/default/fail2ban; you should review that file if you customized
it. Please enable sections as directed in README.Debian.gz mentioned
above. You must use newly shipped init.d/fail2ban, or otherwise fail2ban
will not start.

This note was rewritten to provide less clarifies and replaces the
previous NEWS item since version 0.7.5-2.


 Here is a possible revised wording:

 This note clarifies and replaces the previous NEWS item.  fail2ban 0.7
 is a complete rewrite of the 0.6 version.  The configuration scheme
 has changed [upstream?]: 0.7 ignores /etc/fail2ban.conf and instead
 uses a split configuration under /etc/fail2ban/.  To retain your
 customizations, for example to monitor anything other than sshd, you
 will need to set them under that new directory; use *.local files for
 customizations.  When you are satisfied with the new settings, please
 delete /etc/fail2ban.conf to avoid confusion.  Also, the changes may
 affect /etc/default/fail2ban [how?]; you should review that file if
 you customized it.
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgp8Wu38KrghL.pgp
Description: PGP signature

Bug#402350: fail2ban: NEWS.Debian confusions

...
 I have a feeling policy may frown on rewriting NEWS or changelogs
 after the fact, but this certainly seems like a good case in which to
 do so.  The only possible drawback I can see is that people who
 upgraded and got the old NEWS will not get the new NEWS (if they use
 apt-listchanges). 
Well - I see it not as a drawback but as a desired behavior. There will
be corresponding changelog entry about changed NEWS entry, so they are
welcome to review it.

 On the other hand, it will be much less confusing
 for people who are still at .6 to see only a single NEWS entry.
Yeah - that sounds in line with my thinking. Also, NEWS is not quite a
changelog entry, so I feel ok modifying it.

Also, since the change of configuration scheme is quite an important
event, I had duplicated given NEWS entry in postinst script (simply
duplicated the same text). Now I will have to modify it or to substitute
it with some sed command on NEWS file; and indeed apt-listchanges
people might see it twice. But better be warned twice in a consistent
way than to stay unalarmed.

  This note was rewritten to provide less clarifies and replaces the
  previous NEWS item since version 0.7.5-2.
 That sentence doesn't parse in English.  Here's what I think you mean:
 This note was rewritten in release 0.7.5-2 to clarify its meaning.
doh... that sentence skipped my proofreading -- thanks once again!

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgprvVAkHFXvG.pgp
Description: PGP signature

Bug#402350: fail2ban: NEWS.Debian confusions

Actually I adjusted postinst message to be

WARNING!

  Fail2ban 0.7 is a complete rewrite of the 0.6 version, and if
  you customized any of provided configuration or startup files
  (/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban),
  please read relevant entry in /usr/share/doc/fail2ban/NEWS.Debian.gz.

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402650: ITP: mozilla-foxyproxy -- advanced proxy management tool for iceweasel

2006-12-11 Thread Yaroslav Halchenko

Package: wnpp
Owner: Yaroslav Halchenko [EMAIL PROTECTED]
Severity: wishlist

* Package name: mozilla-foxyproxy
  Version : 2.2.1-fx+fl
  Upstream Author : LeahScape, Inc. and Eric H. Jung
* URL or Web page : http://foxyproxy.mozdev.org/
* License : GPL v.2
  Description : advanced proxy management tool for iceweasel

 Advanced proxy management tool that completely replaces IceWeasel's
 proxy configuration. With foxyproxy you can
 * Define multiple proxies and order their use with priorities
 * Temporarily or permanently disable a proxy with the click of a
   button
 * Define which proxy to use (or none!) for arbitrary URLs using
   wildcards, regular expression and other conveniences
 * No more wondering whether a URL loaded through a proxy or not:
   FoxyProxy includes an optional log of all URLs loaded, including
   which proxy was used (if any), which pattern was matched,
   timestamps, etc.
 * Out-of-the-box support for Tor - zero configuration
 * Optional status bar information about which proxy is currently in
   use
 * Full Proxy Auto-Config (PAC) support
 * Unobtrusive presence, stable execution, premier support
 .
  Homepage: http://foxyproxy.mozdev.org/

--Yarik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402650: ITP: mozilla-foxyproxy -- advanced proxy management tool for iceweasel

Indeed, I stopped for a moment while deciding upon the name, but then
proceeded since all the other extensions have this prefix.  Problem is
that iceweasel is not a common name for all mozilla products (former
mozilla-browser, mozilla-thunderbird, etc) which all could use some
common plugins , like mozilla-imagezoom is used by browsers
(iceape-browser and iceweasel now) and mail client (icedove... doh... it
just stroke me now that I need to update poor package).

So common prefix iceweasel wouldn't work

On Tue, 12 Dec 2006, Alexander Sack wrote:

 On Mon, Dec 11, 2006 at 03:56:12PM -0500, Yaroslav Halchenko wrote:
  Package: wnpp
  Owner: Yaroslav Halchenko [EMAIL PROTECTED]
  Severity: wishlist

  * Package name: mozilla-foxyproxy


 I don't think we should still use the mozilla-* prefix for extension
 packages ... now that we have ice*.

  - Alexander
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpppx3H4BRV0.pgp
Description: PGP signature

Bug#402650: ITP: mozilla-foxyproxy -- advanced proxy management tool for iceweasel

Thanks for the info. I used to use switchproxy but after some upgrade I
was looking for something different and came across foxyproxy. It has
been working fine for me. Anyways, foxyproxy is not to be in etch
release, so I will take a burden of trying to resolve/forward issues
users would encounter

On Tue, 12 Dec 2006, martin f krafft wrote:
 ...
 Also, foxyproxy has an amazing track record of instability. I ended
 up purging it again. Just FYI.
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpt8zc1SALyq.pgp
Description: PGP signature

Bug#402650: Mozilla- prefix. Was: Bug#402650: ITP: mozilla-foxyproxy -- advanced proxy management tool for iceweasel

I don't think we should still use the mozilla-* prefix for extension
packages ... now that we have ice*.
   But then, what to use instead ?
  Reading from the package description, this extension is just for
  iceweasel ... so maybe iceweasel-foxyproxy ... 
 With a little work, such an extension could be made available for
 iceape. That may even happen upstream. So iceweasel-something is out of
 the question, IMHO.
Indeed, stupid me didn't get at once what +xp-fl stands for so I
inquired upstream
http://z9.invisionfree.com/foxyproxy/index.php?showtopic=243
and they are planning to support it for iceape and seamonkey

  or just foxyproxy
  with the term iceweasel extension in the package short description.
 or debtags ?
 Anyways, the thing is that when I uploaded the very first extension
 packages, for mozilla at the time, they didn't have the mozilla in their
 name. Now they have, because of fair comments from Ari Pollak in bug
 #189595. And I still agree with him.
That was the idea I had for why do we use mozilla- prefix. But the
question now is -- can we use it at all? I mean, since it is a trademark
of Mozilla Co since this year (according to wikipedia), I believe we
can't use it any more...

So possible ways I see
1. leave it as is and have mozilla- prefix
2. figure out substitution to the mozilla trademark 
3. remove prefix once and forever and use appropriate tags. After all,
many applications use some common codebase, but they are not required to
have a common prefix.

(1) seems to be the worst in the lengthy run, but the only one which fits
the frozen state of etch now


-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpIqLaoMPFSK.pgp
Description: PGP signature

Bug#402832: firefox-greasemonkey: update depends and links for iceweasel transition

Package: firefox-greasemonkey
Version: 0.6.4-5
Severity: grave
Tags: patch
Justification: renders package unusable


Depends must be adjusted to depend on iceweasel

link from /usr/lib/firefox/extensions/ should be moved over to
/usr/lib/iceweasel/extensions/

More of mostly unnecesary discussion about this can be found on
 http://lists.debian.org/debian-devel/2006/12/msg00314.html

;-)
Cheers

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages firefox-greasemonkey depends on:
di  firefox   2.0+dfsg-1 Transition package for iceweasel r

firefox-greasemonkey recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402852: debtags: man page examples use -d ? but it seems to be broken

Package: debtags
Version: 1.6.6
Severity: minor

couldn't find a bug report for such obvious thing... may be it is me who
is the problem ;-)

examples from man page which use '-d X' option do not work.
'--distance=X' works:

[EMAIL PROTECTED]:/home/yoh# debtags -d 7 related mutt
unknown command 7
Usage: debtags [options] command [options and arguments]

Description: Commandline interface to access and manipulate Debian Package Tags

Commands are:

 help print help information.
 update   updates the package tag database (requires root).
 selfcheckperform a series of internal self checks using the current tag
  data.


the same with --distance 7, but --distance=7 works

[EMAIL PROTECTED]:/home/yoh# debtags --distance=3 related mutt
snownews - Text mode RSS newsreader
af - An Emacs-like mail reader and composer
mailutils - GNU mailutils utilities for handling mail
gopher - Distributed Hypertext Client, Gopher protocol
multimail - Offline reader for Blue Wave, QWK, OMEN and SOUP

I am off to finish reading the man page ;-)

Cheers

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages debtags depends on:
ii  apt [libapt-pkg-libc6.3-6-3. 0.6.46.4Advanced front-end for dpkg
ii  libc62.3.6.ds1-9 GNU C Library: Shared libraries
ii  libgcc1  1:4.1.1-21  GCC support library
ii  libsigc++-2.0-0c2a   2.0.17-2type-safe Signal Framework for C++
ii  libstdc++6   4.1.1-21The GNU Standard C++ Library v3
ii  perl 5.8.8-7 Larry Wall's Practical Extraction 
ii  zlib1g   1:1.2.3-13  compression library - runtime

debtags recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402853: debtags: please recommends tagcol

Package: debtags
Version: 1.6.6
Severity: wishlist


man page for debtags provides juicy examples for how to use debtags with
tagcoll. Would you mind placing tagcoll into some loose relationship
(Suggests may be) with debtags? Thanks in advance

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages debtags depends on:
ii  apt [libapt-pkg-libc6.3-6-3. 0.6.46.4Advanced front-end for dpkg
ii  libc62.3.6.ds1-9 GNU C Library: Shared libraries
ii  libgcc1  1:4.1.1-21  GCC support library
ii  libsigc++-2.0-0c2a   2.0.17-2type-safe Signal Framework for C++
ii  libstdc++6   4.1.1-21The GNU Standard C++ Library v3
ii  perl 5.8.8-7 Larry Wall's Practical Extraction 
ii  zlib1g   1:1.2.3-13  compression library - runtime

debtags recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402932: iceape: doesn't start... seems to be unrelated to the other bug reports

2006-12-13 Thread Yaroslav Halchenko

Package: iceape
Version: 1.0.6-1
Severity: important


I've tried to follow recommendations on previous bug reports, so I
uninstalled iceape* and mozilla-* products, removed /usr/lib/iceape
completely, reinstalled it and it still doesn't start... just doesn't
report anything and doesn't start... it takes it this long to quit:

,---
| *$ time iceape
| real0m0.279s
| user0m0.072s
| sys 0m0.092s
| *$ time iceape -mail
|
| real0m0.288s
| user0m0.084s
| sys 0m0.072s
`---

I moved ~/.mozilla away

,
|  sh -x iceape
| + '[' '' ']'
| + MOZ_DIST_BIN=/usr/lib/iceape
| + MOZ_PROGRAM=/usr/lib/iceape/iceape-bin
| + RUNTIME_ICEAPE_DSP=
| + '[' -f /etc/iceape/iceaperc ']'
| + . /etc/iceape/iceaperc
| ++ ICEAPE_DSP=none
| + '[' -f /home/yoh/.mozilla/iceaperc ']'
| + '[' '' ']'
| + '[' -z none ']'
| + export MOZ_DISABLE_PANGO
| + '[' none = auto ']'
| + '[' none = none ']'
| + ICEAPE_DSP=
| + EXTENT_LD_LIB_PATH=/usr/lib/iceape:/usr/lib/iceape/plugins
| + '[' :/usr/local/lib ']'
| + LD_LIBRARY_PATH=/usr/lib/iceape:/usr/lib/iceape/plugins::/usr/local/lib
| + export LD_LIBRARY_PATH
| + APPLICATION_ID=iceape
| + VERBOSE=
| + DEBUG=0
| + DEBUGGER=
| + REMOTE=0
| + TRY_USE_EXIST=0
| + first=1
| + opt=
| + START=
| + '[' 0 -ne 0 ']'
| + OPTIONS=
| + '[' 0 -eq 1 ']'
| + '[' 0 -eq 1 ']'
| + MOZ_PROGRAM='/usr/lib/iceape/iceape-bin -a iceape'
| + echo_vars ICEAPE_DSP APPLICATION_ID CMDLINE_DISPLAY DISPLAY OPTIONS DEBUG 
DEBUGGER MOZ_DISABLE_PANGO MOZ_NO_REMOTE REMOTE START
| + '[' '' ']'
| + PING_STATUS=1
| + '[' :0.0 ']'
| + '[' -z '' ']'
| + CMDLINE_DISPLAY=:0.0
| + verbose 'Running: /usr/lib/iceape/iceape-bin -a iceape -remote 
'\''ping()'\'''
| + '[' '' ']'
| + DISPLAY=:0.0
| + /usr/lib/iceape/iceape-bin -a iceape -remote 'ping()'
| + PING_STATUS=2
| + echo_vars PING_STATUS
| + '[' '' ']'
| + '[' 2 -eq 0 ']'
| + '[' 2 -eq 0 ']'
| + '[' 0 -eq 0 ']'
| + '[' 0 -eq 1 ']'
| + type ''
| + exec_verbose /usr/lib/iceape/iceape-bin -a iceape
| + verbose Running: /usr/lib/iceape/iceape-bin -a iceape
| + '[' '' ']'
| + exec /usr/lib/iceape/iceape-bin -a iceape
`---

ok - now with -g

,--
|   iceape  -g
| GNU gdb 6.5-debian
| Copyright (C) 2006 Free Software Foundation, Inc.
| GDB is free software, covered by the GNU General Public License, and you are
| welcome to change it and/or distribute copies of it under certain conditions.
| Type show copying to see the conditions.
| There is absolutely no warranty for GDB.  Type show warranty for details.
| This GDB was configured as i486-linux-gnu...Using host libthread_db library 
/lib/tls/i686/cmov/libthread_db.so.1.
|
| (gdb) r
| Starting program: /usr/lib/iceape/iceape-bin -a iceape
| Failed to read a valid object file image from memory.
| [Thread debugging using libthread_db enabled]
| [New Thread -1220053312 (LWP 19136)]
|
| Program exited with code 01.
|
`---

Here is strace log (strace -fF ):
links http://www.onerussian.com/Linux/bugs/iceape/iceape.strace.log.gz

Please let me know if I could dig more information -- I need iceape to
validate mozilla extensions packaging before uploading them...

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages iceape depends on:
ii  iceape-browser1.0.6-1The Iceape Internet browser
ii  iceape-mailnews   1.0.6-1The iceape Internet application su

Versions of packages iceape recommends:
pn  iceape-chatzilla  none (no description available)

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#402932: iceape: doesn't start... seems to be unrelated to the other bug reports

2006-12-13 Thread Yaroslav Halchenko

doh... 

1. I did have MOZILLA_FIVE_HOME=/usr/local/mozilla  --
   got removed

2. it starts nicely from other user account

3.  it starts nicely whenever I login from another box and run iceape
   --no-xshm

4.  but didn't start from my environment (though I export
   MOZILLA_FIVE_HOME=)
   I even made another strace (smaller a bit this time)
   http://www.onerussian.com/Linux/bugs/iceape/iceape.strace2.log.gz

3. and 4. persuaded me to relogin into my X desktop (after all it was up
for a while and went through quite a few upgrades)
and that did the trick...
I am sorry that I brought this up unto you without enough
troubleshooting... heh heh Please feel free to close the bug

On Wed, 13 Dec 2006, Mike Hommey wrote:
 O_o what the f*ck is it trying to do in /usr/local/mozilla ? and trying
 to find component registration in your home directory ?

 Could you try with another user ? If that works, can you try to find out
 what environment variable may be responsible for this ?

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpuRXTXql1Pj.pgp
Description: PGP signature

Bug#389691: this bug is not severe! I would love to see keyjnote in etch - please unblock

2006-12-15 Thread Yaroslav Halchenko

severity 389691 normal
thanks

I am not sure why the maintainer didn't lower the severity -- this
issues seems to be not even a keyjnote fault but SDL/ALSA configuration
issue on the box of the submitter. So MOST of the people do not
experience this bug, thus at most it must be of normal severity.

This package has no other serious bug filed for a while (besides
wishlist for me for new upstream version), so I would ask to remove the
hold from this package so it gets into etch, and dear maintainer please
do not upload fresh release into unstable so current version (if
approved) penetrate into etch.


-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpGAABQSTcXY.pgp
Description: PGP signature

Bug#343821: fail2ban: Additional info (debug log dump)

2006-09-11 Thread Yaroslav Halchenko

 fail2ban-Apache\niptables -F 
 fail2ban-Apache\niptables -X fail2ban-Apache'
 2006-09-09 13:19:02,896 DEBUG: Apache: Accepted value fwban='iptables -I 
 fail2ban-Apache 1 -s ip -j DROP'
 2006-09-09 13:19:02,897 DEBUG: Apache: Accepted value fwunban='iptables -D 
 fail2ban-Apache -s ip -j DROP'
 2006-09-09 13:19:02,897 DEBUG: Apache: Accepted value fwcheck='iptables -L 
 INPUT | grep -q fail2ban-Apache'
 2006-09-09 13:19:02,897 INFO: Enabled sections: ['SSH']
 2006-09-09 13:19:02,898 DEBUG: Add 127.0.0.1 to ignore list
 2006-09-09 13:19:02,898 WARNING:  is not a valid IP address
 2006-09-09 13:19:02,898 DEBUG: Nothing to do
 2006-09-09 13:19:02,898 DEBUG: SSH: Initialize firewall rules
 2006-09-09 13:19:02,899 DEBUG: iptables -N fail2ban-SSH
 iptables -A fail2ban-SSH -j RETURN
 iptables -I INPUT -p tcp --dport ssh -j fail2ban-SSH
 2006-09-09 13:19:02,899 DEBUG: /var/log/auth.log has been modified
 2006-09-09 13:19:02,899 DEBUG: /var/log/auth.log
 2006-09-09 13:19:02,906 ERROR: unknown locale: en_DK
 2006-09-09 13:19:02,906 ERROR: Please check the format and your locale 
 settings.
 2006-09-09 13:19:02,906 DEBUG: Setting file position to 0 for 
 /var/log/auth.log
 2006-09-09 13:19:02,924 ERROR: Fail2Ban got an unhandled exception and died.
 2006-09-09 13:19:02,925 ERROR: Type: 'AttributeError'
 Value: ('strptime',)
 TB: [('/usr/bin/fail2ban', 55, '?', 'fail2ban.main()'), 
 ('/usr/share/fail2ban/fail2ban.py', 513, 'main', 'e = 
 element[1].getFailures()'), ('/usr/share/fail2ban/logreader/logreader.py', 
 143, 'getFailures', 'for element in self.findFailure(line):'), 
 ('/usr/share/fail2ban/logreader/logreader.py', 174, 'findFailure', 'date = 
 self.getUnixTime(timeMatch.group())'), 
 ('/usr/share/fail2ban/logreader/logreader.py', 216, 'getUnixTime', 'date = 
 list(time.strptime(value, self.timepattern))')]
 2006-09-09 13:19:02,925 WARNING: Restoring firewall rules...
 2006-09-09 13:19:02,925 DEBUG: SSH: Restore firewall rules
 2006-09-09 13:19:02,926 DEBUG: iptables -D INPUT -p tcp --dport ssh -j 
 fail2ban-SSH
 iptables -F fail2ban-SSH
 iptables -X fail2ban-SSH
 2006-09-09 13:19:02,926 DEBUG: Nothing to do
 2006-09-09 13:19:02,926 DEBUG: Removed PID lock /var/run/fail2ban.pid


 -- System Information:
 Debian Release: 3.1
 Architecture: i386 (i686)
 Kernel: Linux 2.6.8-3-k7
 Locale: LANG=en_DK, LC_CTYPE=en_DK (charmap=ISO-8859-1)

 Versions of packages fail2ban depends on:
 ii  iptables 1.3.3-1bpo1 Linux kernel 2.4+ iptables 
 adminis
 ii  lsb-base 3.1-9bpo1   Linux Standard Base 3.1 init 
 scrip
 ii  python   2.3.5-2 An interactive high-level 
 object-o

 -- no debconf information



-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpk1Pep60YBb.pgp
Description: PGP signature

Bug#387993: libstdc++6-4.1-dev: undefined reference to [EMAIL PROTECTED]'

2006-09-17 Thread Yaroslav Halchenko

Package: libstdc++6-4.1-dev
Version: 4.1.1-13
Severity: normal
File: /usr/lib/gcc/i486-linux-gnu/4.1.2/libstdc++.so

Dear Maintainer,

I am sorry if my bug report is pure ignorance of the matter: I hope
that you would highlight the situation for me at least if it is so

After recent upgrade, mcc (Matlab compiler fails to compile) with next
error messages:

r14sp3 release of matlab:
- gcc -O -pthread  -o test  test_main.o test_mcc_component_data.o 
-Wl,-rpath-link,/share/apps/matlab_r14sp3/bin/glnx86 
-L/share/apps/matlab_r14sp3/bin/glnx86  -lmwmclmcrrt -lm -lstdc++ 

/usr/bin/ld: warning: libstdc++.so.5, needed by 
/share/apps/matlab_r14sp3/bin/glnx86/libmwmclmcrrt.so, may conflict with 
libstdc++.so.6
/usr/lib/gcc/i486-linux-gnu/4.1.2/libstdc++.so: undefined reference to [EMAIL 
PROTECTED]'
/usr/lib/gcc/i486-linux-gnu/4.1.2/libstdc++.so: undefined reference to [EMAIL 
PROTECTED]'
collect2: ld returned 1 exit status

mbuild: link of 'test' failed.

Error: An error occurred while shelling out to mbuild (error code = 256).
Unable to build executable.

2006b release of matlab:
- gcc -O -pthread  -o test  test_main.o test_mcc_component_data.o 
-Wl,-rpath-link,/share/apps/matlab_r2006b/bin/glnx86 
-L/share/apps/matlab_r2006b/bin/glnx86  -lmwmclmcrrt -lm -lstdc++ 

/usr/lib/gcc/i486-linux-gnu/4.1.2/libstdc++.so: undefined reference to [EMAIL 
PROTECTED]'
collect2: ld returned 1 exit status

mbuild: link of 'test' failed.


Please advise

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.20-ravana
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages libstdc++6-4.1-dev depends on:
ii  g++-4.1   4.1.1-13   The GNU C++ compiler
ii  gcc-4.1-base  4.1.1-13   The GNU Compiler Collection (base 
ii  libc6-dev 2.3.6-13   GNU C Library: Development Librari
ii  libstdc++64.1.1-13   The GNU Standard C++ Library v3

libstdc++6-4.1-dev recommends no packages.

-- no debconf information


--Yarik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#388081: python-central: breaks upgrade if versions are missing for some reason

2006-09-18 Thread Yaroslav Halchenko

Package: python-central
Version: 0.5.5
Severity: important

On the recent upgrade I've got
Linking and byte-compiling packages for runtime python2.3...
Traceback (most recent call last):
  File /usr/bin/pycentral, line 1325, in ?
main()
  File /usr/bin/pycentral, line 1319, in main
rv = action.run(global_options)
  File /usr/bin/pycentral, line 954, in run
requested = list(pyversions.requested_versions(vstring, version_only=True))
  File /usr/share/python/pyversions.py, line 113, in requested_versions
raise ValueError, 'empty set of versions'
ValueError: empty set of versions
dpkg: error processing python2.3 (--configure):
 subprocess post-installation script returned error exit status 1

Since it fails, it forbids me from upgrading and many packages are
left in not configured state. Also such cruel exit doesn't provide any
insight on which package it really failed so I can't resolve the issue
by removing the bad cow package (if that is the issue of a bad
package). Please provide proper handling in such cases.
# pyversions -s
python2.3 python2.4

Thanks in advance
-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages python-central depends on:
pn  pythonnone (no description available)

python-central recommends no packages.

-- no debconf information


--Yarik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#388158: pylint: doesn't bytecompile for python2.4

2006-09-18 Thread Yaroslav Halchenko

Package: pylint
Version: 0.11.0-2
Severity: normal

Just got pylint installed and it is missing python2.4 install by
python-central
 ls -l /usr/lib/python2.*/site-packages/pylint/lint.py
0 lrwxrwxrwx 1 root root 56 Sep 18 17:25
/usr/lib/python2.3/site-packages/pylint/lint.py -
/usr/share/pycentral/pylint/site-packages/pylint/lint.py

it seems to be due to wrong XS-Python-Version: field, which must be
=2.2 I think in this case ;-)

Please excuse me if I am wrong...

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.20-ravana
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages pylint depends on:
ii  emacsen-common1.4.17 Common facilities for all emacsen
ii  python2.3.5-5An interactive high-level object-o
ii  python-central0.5.0  register and build utility for Pyt
ii  python-logilab-astng  0.16.0-2   extend python's abstract syntax tr
ii  python-logilab-common 0.16.1-2   useful miscellaneous modules used 
ii  python-tk 2.4.3-1Tkinter - Writing Tk applications 

pylint recommends no packages.

-- no debconf information


--Yarik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#396868: ITP: jbidwatcher -- bidding, sniping and monitoring software for eBay

2006-11-06 Thread Yaroslav Halchenko

Nice to see someone is ITPing it... Didn't want to compile with free
java... I was about to at least file ITP myself whenever I saw
your ITP ;-) I have a letter of correspondence from Morgan which might
be of some value - I will forward it to you with next email

Good luck

On Fri, 03 Nov 2006, Romain Beauxis wrote:

 Package: wnpp
 Severity: wishlist
 Owner: Romain Beauxis [EMAIL PROTECTED]


 * Package name: jbidwatcher
   Version : 1.0
   Upstream Author : Morgan Schweers, CyberFOX [EMAIL PROTECTED]
 * URL : http://www.jbidwatcher.com/
 * License : LGPL
   Description : bidding, sniping and monitoring software for eBay

 A Java-based application allowing you to monitor auctions you're not
 part of, submit bids, snipe (bid at the last moment), and otherwise
 track your auction-site experience. It includes adult-auction
 management, MANY currencies (pound, dollar (US, Canada, Australian, and
 New Taiwanese) and euro, presently), drag-and-drop of auction URLs, an
 original, unique and powerful 'multisniping' feature, and a relatively nice
 UI.

 -- System Information:
 Debian Release: 3.1
 Architecture: i386 (i686)
 Kernel: Linux 2.6.16-2-686
 Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#397548: tightvncserver: VNC server crashes... most often with KDE running inside it...

2006-11-07 Thread Yaroslav Halchenko

Package: tightvncserver
Version: 1.2.9-20
Severity: important


We have reinstalled the server with amd64 etch. vncserver keeps crashing: first 
I associated the problem with KDE thus I Stopped using it, but then it 
reoccured with pure windowmaker running(FYI - windowmaker was using by KDE as 
window manager as well)

Since it A sounds verynon-informative I've decided to provide an strace with 
timings for the crashed run - may be will provide some instights: since 
stracedump is quit large I am providing the beginning of it:
http://www.onerussian.com/Linux/bugs/tightcrash/tight.strace.head.log.bz2
and actually the part whenever server crashed:
http://www.onerussian.com/Linux/bugs/tightcrash/tight.strace.partaroundcrash.log.bz2

Thank you in advance for looking at the isue!
Please let me know if I could provide any additional information
Thanks in advance
-- System Information:
Debian Release: testing/unstable
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-amd64-generic
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages tightvncserver depends on:
ii  dpkg 1.13.22 package maintenance system for Deb
ii  libc62.3.6.ds1-7 GNU C Library: Shared libraries
ii  libjpeg626b-13   The Independent JPEG Group's JPEG 
ii  libx11-6 2:1.0.3-2   X11 client-side library
ii  libxext6 1:1.0.1-2   X11 miscellaneous extension librar
ii  perl 5.8.8-6.1   Larry Wall's Practical Extraction 
ii  vnc-common   3.3.7-13Virtual network computing server s
ii  x11-common   1:7.1.0-5   X Window System (X.Org) infrastruc
ii  xbase-clients1:7.1.ds-3  miscellaneous X clients
ii  zlib1g   1:1.2.3-13  compression library - runtime

Versions of packages tightvncserver recommends:
ii  xfonts-base   1:1.0.0-4  standard fonts for X

-- debconf-show failed


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#396868: ITP: jbidwatcher -- bidding, sniping and monitoring software for eBay

2006-11-08 Thread Yaroslav Halchenko

Thank you for taking care about packaing jbidwatcher

 I have managed to remove some part that were not necessary, but there is 
 still 
 a Regex class that is needed.
 claims that the licence is the Lesser Gnu Public License, the source lacks 
 some classes source, in particular in some Unicode*.class
 See http://www.javaregex.com/binaries/patbinfree153.jar 
 and http://www.javaregex.com/binaries/patsrcfree153.jar
I see those defined in Regex.java file in the source... or am I missing
something? :-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpQpEx3EvpEs.pgp
Description: PGP signature

Bug#397944: consider default (system wide) configuration /etc/logrotate.conf in each section

Package: logrotate
Version: 3.7.1-3
Severity: important

I could not find any relevant info in the man page and got surprised
that system wide parameters defined in
/etc/logrotate.conf such as
rotate 4
do not have effect in specific logrotate sections, ie there is no really
default value - it gets assumed to be 1. For instance:
if I have

[EMAIL PROTECTED]:/home/yoh.m/deb/debs/fail2ban/trunk/debian# ls -l 
/var/log/fail2ban.log*
-rw-r- 1 root adm 1544 Nov 10 10:45 /var/log/fail2ban.log
-rw-r- 1 root adm 1619 Nov 10 10:45 /var/log/fail2ban.log.1
-rw-r- 1 root adm  539 Nov 10 10:45 /var/log/fail2ban.log.2.gz
-rw-r- 1 root adm  539 Nov 10 10:44 /var/log/fail2ban.log.3.gz
-rw-r- 1 root adm  537 Nov 10 10:44 /var/log/fail2ban.log.4.gz

and define fail2ban.logrotate to be

/var/log/fail2ban.log {
# assuming defaults from /etc/logrotate.conf
#weekly
#rotate 4
#compress

delaycompress
missingok
postrotate
 invoke-rc.d --quiet fail2ban reload /dev/null
endscript
create 640 root adm
}


[EMAIL PROTECTED]:/home/yoh.m/deb/debs/fail2ban/trunk/debian# logrotate --force 
--verbose /etc/logrotate.d/fail2ban.logrotate
reading config file /etc/logrotate.d/fail2ban.logrotate
reading config info for /var/log/fail2ban.log

Handling 1 logs

rotating pattern: /var/log/fail2ban.log  forced from command line (no old logs 
will be kept)
empty log files are rotated, old logs are removed
considering log /var/log/fail2ban.log
  log needs rotating
  rotating log /var/log/fail2ban.log, log-rotateCount is 0
  renaming /var/log/fail2ban.log.1 to /var/log/fail2ban.log.2 (rotatecount 1, 
logstart 1, i 1),
  renaming /var/log/fail2ban.log.0 to /var/log/fail2ban.log.1 (rotatecount 1, 
logstart 1, i 0),
  old log /var/log/fail2ban.log.0 does not exist
  renaming /var/log/fail2ban.log to /var/log/fail2ban.log.1
  disposeName will be /var/log/fail2ban.log.1
  creating new log mode = 0640 uid = 0 gid = 4
  running postrotate script
  removing old log /var/log/fail2ban.log.1

although default parameters in logrotate.conf are

# keep 4 weeks worth of backlogs
rotate 4


I really think that is important to have defaults for logrotate so admin
doesn't have to modify every config filein /etc/logrotate.in to lets say
increase number of kept logs


-- Package-specific info:
Contents of /etc/logrotate.d
total 84
-rw-r--r-- 1 root root 137 Jan 15  2006 acpid
-rw-r--r-- 1 root root 240 Jul 15  2003 apache2
-rw-r--r-- 1 root root  79 Jun  9  2003 aptitude
-rw-r--r-- 1 root root 384 Jan  3  2004 base-config
-rw-r--r-- 1 root root 162 Mar 21  2005 checksecurity
-rw-r--r-- 1 root root 245 Jun  5 09:59 cupsys
-rw-r--r-- 1 root root 124 Apr 19  2005 dirmngr
-rw-r--r-- 1 root root 133 Jun 29  2003 distributed-net
-rw-r--r-- 1 root root 111 Sep 26  2005 dpkg
-rw-r--r-- 1 root root 170 Mar  2  2005 exim4-base
-rw-r--r-- 1 root root 325 Nov 10 10:37 fail2ban.logrotate
-rw-r--r-- 1 root root 151 Nov 11  2002 iptraf
-rw-r--r-- 1 root root 100 Jan 23  2005 kdm
-rw-r--r-- 1 root root  74 May 16  2003 mrtg
-rw-r--r-- 1 root root 466 Aug 22  2004 nessusd
-rw-r--r-- 1 root root 146 Aug 16 01:40 ntop
-rw-r--r-- 1 root root 153 Oct 20  2005 postgresql-common
-rw-r--r-- 1 root root  94 Oct 30  2003 ppp
-rw-r--r-- 1 root root  68 Dec 12  2002 scrollkeeper
-rw-r--r-- 1 root root 271 Mar 16  2005 snort
-rw-r--r-- 1 root root  58 Apr 20  2005 wdm


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages logrotate depends on:
ii  anacron  2.3-11  a cron-like program that doesn't g
ii  base-passwd  3.5.11  Debian base system master password
ii  cron 3.0pl1-97   management of regular background p
ii  libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii  libpopt0 1.10-3  lib for parsing cmdline parameters
ii  libselinux1  1.30.28-1   SELinux shared libraries

Versions of packages logrotate recommends:
ii  mailx1:8.1.2-0.20050715cvs-1 A simple mail user agent

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#397878: fail2ban: no logrotation anymore?

Thank you for reporting!
Forgotten about the beast - it was not present in upstream, so I
postponed its transfer from 0.6 branch and forgot... sorry

Here you can fetch fixed version (I will ask for sponsored upload
of -3 after a bit more fixes build up or after a week, whichever is
earlier ;-)) from
http://itanix.rutgers.edu/rumba/dists/sid/perspect/binary-all/net/fail2ban_0.7.4-3~1_all.deb

Cheers
Yarik
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpM00RsxoH4S.pgp
Description: PGP signature

Bug#396668: fail2ban: issues with default from on emails

Thank you Ross for reporting the issue.

Would you consider it to be a reincarnation of
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329722 ?
thus option d) in your list? Then I would like to close/merge them
(unless we continue discussion)

Would the solution for that one suffice in this case?
or may be I should take a) step since I consider

b) unnecessary user names space pollution -- fail2ban has to run as root
in any case

c) although it sounds neat, since there is no unified framework to
introduce changes into /etc/aliases and keep/remove them, I would prefer
to stay out of it. I might be ignorant and if there is a better way than
echo 'fail2ban: root'  /etc/aliases ... and sed -i -e
's/^fail2ban.*//g' on purge - please let me know, I might rethink


Thanks in advance for your output
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpdlvmnpIgv1.pgp
Description: PGP signature

Bug#398015: /etc/init.d/util-vserver status doesn't detect the kernel

Package: util-vserver
Version: 0.30.211-2
Severity: minor


this says for its own ;-)
 /etc/init.d/util-vserver status
ONBOOT=no  Server blank is not running
ONBOOT=no  Server krb is not running
ONBOOT=yes  Server www is running
Linux-Vserver enabled kernel not detected
/proc entries were fixed for Linux-Vserver guests

so why Linux-Vserver enabled kernel not detected?


 vserver-info - RUNNING ; echo $?
1


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-vserver-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages util-vserver depends on:
ii  debconf  1.5.6   Debian configuration management sy
ii  iproute  20060323-1  Professional tools to control the 
ii  libbeecrypt6 4.1.2-6 open source C library of cryptogra
ii  libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii  make 3.81-2  The GNU version of the make util
ii  net-tools1.60-17 The NET-3 networking toolkit

Versions of packages util-vserver recommends:
ii  binutils  2.17-3 The GNU assembler, linker and bina
ii  debootstrap   0.3.3  Bootstrap a basic Debian system

-- debconf information:
* util-vserver/start_on_boot: true
  util-vserver/prerm_stop_running_vservers: true
  util-vserver/postrm_remove_vserver_configs: false


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#396668: fail2ban: issues with default from on emails

2006-11-14 Thread Yaroslav Halchenko

Hi Ross,

BTW - given issue is obsolete in 0.7.x which is in unstable already.
Could you please verify that ;-) (though it sends email to
[EMAIL PROTECTED] which I believe must be ok)

On Sun, 12 Nov 2006, Ross Boylan wrote:

 On Fri, Nov 10, 2006 at 06:18:49PM -0500, Yaroslav Halchenko wrote:
  Thank you Ross for reporting the issue.

  Would you consider it to be a reincarnation of
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329722 ?
  thus option d) in your list? Then I would like to close/merge them
  (unless we continue discussion)

 It's certainly in the same neighborhood.  However, the focus of the
 earlier bug was on the domain of the email address (which the second
 point in this bug discusses), while this one concerns the part before
 the @ sign as well.
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpg9oYX0DEw6.pgp
Description: PGP signature

Bug#396668: fail2ban: issues with default from on emails

2006-11-14 Thread Yaroslav Halchenko

As I said that the problem (bad From address) is obsolete in 0.7.x, so
if you don't mind installing it (0.7.4-3), enabling mail (follow
instructions in /etc/fail2ban/jail.conf), and verifying that received
email has proper From field (must be root@mailhostname)

Thank you in advance!

On Tue, 14 Nov 2006, Ross Boylan wrote:

 On Tue, Nov 14, 2006 at 10:29:40AM -0500, Yaroslav Halchenko wrote:
  Hi Ross,

  BTW - given issue is obsolete in 0.7.x which is in unstable already.
  Could you please verify that ;-)
 I'm not sure what you mean to verify, but
 $ apt-show-versions -a fail2ban
 fail2ban0.6.1-11install ok installed
 fail2ban0.6.1-11testing
 fail2ban0.6.1-11testing
 fail2ban0.7.4-3 unstable
 fail2ban/testing uptodate 0.6.1-11

  (though it sends email to
  [EMAIL PROTECTED] which I believe must be ok)
 The problem is with the sender of the email, not the recipient.
 I have some doubts about localhost, as mentioned in earlier messages
 for this bug.

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpt7KyVCNsoV.pgp
Description: PGP signature

Bug#398739: attachment

I believe that you mixed up interpolations (done but pythons config module) and
substitutions done by fail2ban

actionstart = iptables -N fail2ban-name
  iptables -I fwchain -m state --state NEW -p protocol --dport 
port -j fail2ban-name
  post_start_commands

I don't think that it is fail2ban intent to substitute
post_start_commands here -- try using interpolations %(...)s

please inspect your configs more carefully on above mentioned subject
and get back to me so we could close this bug report if there is no
issue with interpolations handling (which is in any case not much of
fail2ban issue but python...)

# Option:  fwend
# Notes.:  command executed once at the end of Fail2Ban
# Values:  CMD
#
actionstop = pre_end_commands
 iptables -D fwchain -m state --state NEW -p protocol --dport 
port -j fail2ban-name
 iptables -F fail2ban-name
 iptables -X fail2ban-name

On Wed, 15 Nov 2006, martin f krafft wrote:

 Oops. Now attached.
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpvgxxgpTOC5.pgp
Description: PGP signature

Bug#398740: Re: Bug#398740: init.d script does not appear idempotent


 This is ancient stuff.
ancient doesn't necessarily mean bad

 piper:~# /etc/init.d/apache2 start || echo failure   
 #[345]
 Starting web server (apache2)... .
 piper:~# /etc/init.d/apache2 start || echo failure   
 #[346]
 Starting web server (apache2)... httpd (pid 4175) already running.
 piper:~# /etc/init.d/apache2 stop || echo failure
 #[346]
 Stopping web server (apache2)... .
 piper:~# /etc/init.d/apache2 stop || echo failure
 #[347]
 Stopping web server (apache2)... httpd (no pid file) not running.
well -- if you look inside that script it makes limited use of
start-stop-daemon facility at all and just doesn't suppress output to
APACHE2CTL... -- I don't consider it a good practice since it can easily
violate LSB guidelines (such as a single line etc) to use
log_*_msg functions for output from init scripts... I think even that it
is worth filing a bug against apache2

  even if the daemon is running (return 1 from do_start) return of init
  script is 0.
 Yeah, I am only talking about the output. Not the exit status.
ok - we narrowed it down to just output (as for exit status also see 
http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html)

since start action when daemon already is running considered to be a
normal (return 0) - then it should simply follow
http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.4


Please argue not by an example on possibly broken scripts but references
to policy/dev-ref -- that would make it easier to properly resolve the
issue

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpYX9LDazoEH.pgp
Description: PGP signature

Bug#398739: Re: Bug#398739: attachment

it is hard to see whole picture since you are just sending changing
snippets of configuration - send the whole entirety...

I bet that the reason for current issue is that  
you defined actionstart in [Definition] config/action.d/iptables.conf
whenever you defined in post_start_commands in [Init] --- how can it see
its value in Definition?? define it in new section [DEFAULT] of the same
file then... and you might need to define it to smth nonempty - I am not
sure what freaks ConfigParser out exactly

once again - this is not a fail2ban issue but rather logic behind usage
of python interpolations in config files

On Wed, 15 Nov 2006, martin f krafft wrote:

 also sprach Yaroslav Halchenko [EMAIL PROTECTED] [2006.11.15.1512 +0100]:
  I believe that you mixed up interpolations (done but pythons config module) 
  and
  substitutions done by fail2ban

  actionstart = iptables -N fail2ban-name
iptables -I fwchain -m state --state NEW -p protocol 
  --dport port -j fail2ban-name
post_start_commands

  I don't think that it is fail2ban intent to substitute
  post_start_commands here -- try using interpolations %(...)s
-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#398739: Re: Re: Bug#398739: attachment

Dear Martin,

ok - I see now more clearly but the reason is the same: confusion
between interpolated values and substituted by fail2ban (which is a
limited set of names). so whenever you provide parameters for action
like

iptables[bla=zzz]

bla has to be handled as fail2ban config parameter (the ones found now in ).
here I managed confuse you and myself in my first reply

since config files loaded separately in pairs .conf .local,
interpolations do not penetrate from one to another, thus whatever is
defined (besides fail2ban parameter mentioned above) in a section
within jail.conf has to be passed as the fail2ban action parameter.
In your config you mixed up the two:

[Definition]
actionstart = iptables -N fail2ban-name
  iptables -I fwchain -m state --state NEW -p protocol --dport 
port -j fail2ban-name
  %(post_start_commands)s
actionstop = pre_end_commands
 
do you see the problem???


Indeed difference between interpolated and parameters to actions
is worth documenting: I will add a note to README.Debian. I will close
this bug after introducing respective documentation

Please find my fix to your configuration attached...

 So my question is how I can override the defaults from the jail
 configuration.
simply by redefining in jail.local. in your case you are not only
redefining it but trying to introduce additional parameters into action
and mixing up parameters and interpolations

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




fail2ban.martin.tgz
Description: application/tar-gz


pgpOVWIzfgPrX.pgp
Description: PGP signature

Bug#391342: [RFS]: jsMath:TeX equations in HTML documents

2006-10-20 Thread Yaroslav Halchenko

Dear All,

For the sake of reference I am replying to my ITP bugreport.

Please consider next packages for sponsoring or for commenting on.
(I am 1 person away from DAM approval in NM queue... 1,2 months
more and I might become a DD myself ;-) For now I need sponsoring)

Sources:
dget
http://itanix.rutgers.edu/rumba/dists/sid/perspect/source/web/jsmath_3.3g-1.dsc
dget
http://itanix.rutgers.edu/rumba/dists/sid/perspect/source/web/jsmath-fonts_1.3-1.dsc
dget
http://itanix.rutgers.edu/rumba/dists/sid/perspect/source/web/jsmath-fonts-sprite_1.0-1.dsc

Binaries available from my repository:
deb http://itanix.rutgers.edu/rumba/ sid perspect

This is the 1st packaging, thus it would close an ITP.

Packages are lintian/linda clean. Worries might be due to use of
debconf in jsmath to configure web servers. gallery's scripts were used
as a start point. I might in future disable botton in jsMath menu to
look for updates (although it can't hurt so people could buzz me to run
uscan ;-))

Thanks everyone in advance for looking at.

On Fri, 06 Oct 2006, Yaroslav Halchenko wrote:

Package: wnpp
Owner: Yaroslav Halchenko [EMAIL PROTECTED]
Severity: wishlist

* Package name: jsmath
Version : 3.3e
Upstream Author : Davide P. Cervone
* URL or Web page : http://www.math.union.edu/~dpvc/jsMath
* License : Apache License 2.0
Description : TeX equations in HTML documents
The jsMath package provides a method of including mathematics in HTML
pages that works across multiple browsers under Windows, Macintosh OS
X, Linux and other flavors of Unix. It overcomes a number of the
shortcomings of the traditional method of using images to represent
mathematics: jsMath uses native fonts, so they resize when you change
the size of the text in your browser, they print at the full
resolution of your printer, and you don't have to wait for dozens of
images to be downloaded in order to see the mathematics in a web
page.
.
There are also advantages for web-page authors, as there is no
need to preprocess your web pages to generate any images, and the
mathematics is entered in TeX form, so it is easy to create and
maintain your web pages.

--
.-.
=-- /v\ =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko /( )\ ICQ#: 60653192
Linux User^^-^^[17]

pgpyGtge5ahuE.pgp
Description: PGP signature

Bug#383288: failure to add rules for one port results in multiple rules added for other ports

2006-10-30 Thread Yaroslav Halchenko

Hi Martin

I am sorry that I am getting to this issue with such a huge delay.
I am not sure if you have any additional details on this bugreport,
since I don't quite understand what has happened and why it kept
reinitializing the rules: if by any chance you can provide me with at
least fail2ban log file (and iptables -L) if you have them left or can
reproduce the bug.

Thank you in advance

 If a rule fails to execute, maybe only retry it, not all rules?
The idea of fwcheck is that if it fails, it means that the state of
firewall was changed outside of fail2ban, thus it is not safe to operate
any more and it is better to reinitilize all the rules.

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgpRqYYxEwcF6.pgp
Description: PGP signature

Bug#305950: svk upstream has bash completion module...

2006-10-10 Thread Yaroslav Halchenko

Package: svk
Version: 1.08-1
Followup-For: Bug #305950

Please have a look at
https://launchpad.net/distros/ubuntu/+source/svk/+bug/32312
(so yes... ubuntu has it fixed...  heh heh)

and in the upstream sources - ./contrib/svk-completion.pl is there.

-- System Information:
Debian Release: testing/unstable
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-mm1
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages svk depends on:
ii  libalgorithm-annotate-perl0.10-1 represent a series of changes in a
ii  libalgorithm-diff-perl1.19.01-2  a perl library for finding Longest
ii  libclass-autouse-perl 1.23-1 Defer loading ( 'use'ing ) of a cl
ii  libclone-perl 0.18-1 recursively copy Perl datatypes
ii  libcompress-zlib-perl 1.42-1 Perl module for creation and manip
ii  libdata-hierarchy-perl0.21-1 Handle data in a hierarchical stru
ii  libfile-type-perl 0.22-1 determine file type using magic st
ii  libfreezethaw-perl0.43-3 converting Perl structures to stri
ii  libio-digest-perl 0.10-1 Calculate digests while reading or
ii  libio-string-perl 1.08-1 Emulate IO::File interface for in-
ii  liblocale-maketext-lexicon-pe 0.62-1 Lexicon-handling backends for Loc
ii  liblocale-maketext-simple-per 0.12-2 Simple interface to Locale::Makete
ii  libperlio-eol-perl0.13-1 PerlIO layer for normalizing line 
ii  libperlio-via-dynamic-perl0.11-1 dynamic PerlIO layers
ii  libperlio-via-symlink-perl0.05-1 PerlIO layers for create symlinks
ii  libpod-simple-perl3.04-1 Perl framework for parsing files i
ii  libregexp-shellish-perl   0.93-1 Shell-like regular expressions
ii  libsvn-core-perl  1.3.2-6Perl bindings for Subversion
ii  libsvn-mirror-perl0.68-2 A subversion repository mirroring 
ii  libsvn-simple-perl0.27-1 A simple interface for writing a d
ii  libtext-diff-perl 0.35-2 Perform diffs on files and record 
ii  libtimedate-perl  1.1600-5   Time and date functions for Perl
ii  libyaml-perl  0.62-1 YAML Ain't Markup Language (tm)
ii  perl  5.8.8-6.1  Larry Wall's Practical Extraction 
ii  subversion1.4.0-2Advanced version control system

svk recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#148955: another vote for an action to be taken on the package

2006-10-01 Thread Yaroslav Halchenko

Package: lib3ds-dev
Followup-For: Bug #148955

Dear Marcelo,

I would like to bring your attention to the issue again. It is in
interest of Debian users to have this package providing shared
library (as it is obvious from multiple emails of other users
accompanying this bug report), and there is no direct counter factor
which should stop you from satisfying those poor people need: library is
under DFSG license, so I don't see any good reason to stay away from
fullfilling the request (if there is a hidden problem which caused
upstream to remove library packaging, please share the news...)

Please comment on and resolve the issue either way

* make a statement why it can't provide a shared library (something
   more elaborated than just a fact that upstream doesn't provide it),
   and tag the bug with wontfix so the destiny of the bug becomes
   obvious and there are no unnecessary NMUs

* provide shared library and close the bug ;-)

Thank you in advance

-- System Information:
Debian Release: testing/unstable
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-mm1
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#391342: ITP: jsmath -- TeX equations in HTML documents

2006-10-05 Thread Yaroslav Halchenko

Package: wnpp
Owner: Yaroslav Halchenko [EMAIL PROTECTED]
Severity: wishlist

* Package name: jsmath
  Version : 3.3e
  Upstream Author : Davide P. Cervone
* URL or Web page : http://www.math.union.edu/~dpvc/jsMath
* License : Apache License 2.0
  Description : TeX equations in HTML documents
 The jsMath package provides a method of including mathematics in HTML
 pages that works across multiple browsers under Windows, Macintosh OS
 X, Linux and other flavors of Unix. It overcomes a number of the
 shortcomings of the traditional method of using images to represent
 mathematics: jsMath uses native fonts, so they resize when you change
 the size of the text in your browser, they print at the full
 resolution of your printer, and you don't have to wait for dozens of
 images to be downloaded in order to see the mathematics in a web
 page.
 .
 There are also advantages for web-page authors, as there is no
 need to preprocess your web pages to generate any images, and the
 mathematics is entered in TeX form, so it is easy to create and
 maintain your web pages.

P.S. Unfortunately I don't have tentative packages yet but I will
package it rather soon since I want to use it, thus I need an easy and
automatic upgrade system ;-)

--Yarik


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#377835: acct: follow up and temp fix I use

2006-09-21 Thread Yaroslav Halchenko

Package: acct
Version: 6.3.99+6.4pre1-4
Followup-For: Bug #377835


I just want to confirm this issue which had caused lost audit control
over many boxes under my administration. I consider it of RC importance,
but since it can be easily fixed, I keep at important, otherwise I would
raise its severity more

For now I fix it by
removing /var/account/pacct
touch /var/log/account/pacct
ln -s /var/log/account/pacct /var/account/pacct

Please have the issue fixed

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.20-ravana
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages acct depends on:
ii  libc6 2.3.6-13   GNU C Library: Shared libraries

acct recommends no packages.

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#329687: freemind: 0.9.0 beta7 works fine with recent sun java available from non-free

2006-09-22 Thread Yaroslav Halchenko

Package: freemind
Version: 0.7.1-6
Followup-For: Bug #329687


Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Yaroslav Halchenko [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: freemind: 0.9.0 beta7 works fine with recent sun java available from 
non-free
Message-ID: [EMAIL PROTECTED]
X-Mailer: reportbug 3.29.5
Date: Fri, 22 Sep 2006 16:54:13 -0400

Package: freemind
Version: 0.7.1-6
Followup-For: Bug #329687


Hi Eric,

Thank you for packaging freemind and all attempts you've made to make it
DFSG compliant to get into main. If there yet any reason remains (not 
available depends from main according to the wiki) why don't you just 
upgrade to beta 0.9 which seems to be working fine with current non-free
sun java in sid?

Thank you in advance

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages freemind depends on:
ii  gij-4.1 [java2-runtime]   4.1.1-13   The GNU Java bytecode interpreter
pn  j2re1.4 | java-virtual-machin none (no description available)
ii  sun-java5-jre [java2-runtime] 1.5.0-08-1 Sun Java(TM) Runtime Environment (

Versions of packages freemind recommends:
ii  amaya [www-br 9.51-2.1   Web Browser, HTML Editor and Testb
ii  dillo [www-br 0.8.5-4Small and fast web browser
ii  elinks [www-b 0.11.1-1   advanced text-mode WWW browser
ii  epiphany-brow 2.14.3-1+b1Intuitive GNOME web browser
ii  firefox [www- 1.5.dfsg+1.5.0.7-1 lightweight web browser based on M
ii  konqueror [ww 4:3.5.4-2+b1   KDE's advanced file manager, web b
ii  lynx [www-bro 2.8.5-2sarge2.1Text-mode WWW Browser
ii  mozilla-brows 2:1.7.13-0.3   The Mozilla Internet application s
ii  w3-el-e21 [ww 4.0pre.2001.10.27.nodocs-1 Web browser for GNU Emacs 21
ii  w3m [www-brow 0.5.1-5WWW browsable pager with excellent

-- no debconf information

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages freemind depends on:
ii  gij-4.1 [java2-runtime]   4.1.1-13   The GNU Java bytecode interpreter
pn  j2re1.4 | java-virtual-machin none (no description available)
ii  sun-java5-jre [java2-runtime] 1.5.0-08-1 Sun Java(TM) Runtime Environment (

Versions of packages freemind recommends:
ii  amaya [www-br 9.51-2.1   Web Browser, HTML Editor and Testb
ii  dillo [www-br 0.8.5-4Small and fast web browser
ii  elinks [www-b 0.11.1-1   advanced text-mode WWW browser
ii  epiphany-brow 2.14.3-1+b1Intuitive GNOME web browser
ii  firefox [www- 1.5.dfsg+1.5.0.7-1 lightweight web browser based on M
ii  konqueror [ww 4:3.5.4-2+b1   KDE's advanced file manager, web b
ii  lynx [www-bro 2.8.5-2sarge2.1Text-mode WWW Browser
ii  mozilla-brows 2:1.7.13-0.3   The Mozilla Internet application s
ii  w3-el-e21 [ww 4.0pre.2001.10.27.nodocs-1 Web browser for GNU Emacs 21
ii  w3m [www-brow 0.5.1-5WWW browsable pager with excellent

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#354759: twiki: another bagging for upgrade...

2006-09-22 Thread Yaroslav Halchenko

Package: twiki
Followup-For: Bug #354759

Dear DD

Could you please release a new version of twiki for us - poor Debian
users who hasn't seen any fresh twiki  for more than a year?
As it was mentioned, fresh release would close maaany bugs, thus it is
very desired.

Thank you very much in advance... (or did I miss smth and twiki is
orphaned?)


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#400416: fail2ban: Better Documentation

2006-11-26 Thread Yaroslav Halchenko


   What are the basic concepts of the system?  What's a jail?  What is
   the difference between the configuration subdirectories (some help on
   http://fail2ban.sourceforge.net/wiki/index.php/MANUAL_0_8)?
  Please have a look at
  http://fail2ban.sourceforge.net/wiki/index.php/FEATURE_Split_config
  It might answer some questions
 ***
 One detail that is important is what types of file names are read in
 the split config.  Many programs that use such a scheme ignore certain
 file names (e.g., they read foo but not foo~).

 If fail2ban reads all files, it would be nice if it didn't!  If it
 doesn't skip editor backup files, for example, the result will likely
 be obscure bugs.
fail2ban reads .conf and .local files only, thus we are safe

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#396668: fail2ban: issues with default from on emails

2006-11-26 Thread Yaroslav Halchenko



 OK, now that I have this working, I can verify that with 0.7, after
 enabling the mailing, the messages appear to come from
 [EMAIL PROTECTED] (obscuring actual domain).
check your local MTA configuration, in particular /etc/mailname
fail2ban is simply callin gmail command without specifying From at all
- thus it takes root since it is running as root and it takes mail name
  of the box... or it depends how your system configured... just have a
  look at /etc/fail2ban/action.d/mail-whois.conf and actionban to see
  support for my words...

 Is it the case that there is no option to set the sender anymore
 (short of editing the command that sends the mail)?
yep - you would need to override actionban in
/etc/fail2ban/action.d/mail-whois.local in section [Definition]

(or edit .conf file directly which I wouldn't recommend)

 Should fail2ban include some kind of dependency on a package that
 provides the mail command (I have mailx, which is priority important,
 and provides mail-reader)?
I will add suggests to mailx I think... mail-reader is irrelevant I
think - correct me if I am wrong

 P.S. mail-whois.conf includes

 # Destinataire of the mail

 dest = root

 I think the desired English is Destination not Destinataire.
;-)

-- 
  .-.
=--   /v\  =
Keep in touch// \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko  /(   )\   ICQ#: 60653192
   Linux User^^-^^[17]




pgplelGMrxKpl.pgp
Description: PGP signature

Bug#400593: doesnt exit properly if no showmount present

Package: am-utils
Version: 6.1.5-2
Severity: normal

I didn't have nfs-common present, thus couldn't cd /net/anywhere.
checked logs and saw

Nov 27 08:58:23 vaio automount[9285]:  /etc/auto.net: line 40: --no-headers: c
ommand not found

and indeed:

*$ sh -x /etc/auto.net
+ key=
+ opts=-fstype=nfs,hard,intr,nodev,nosuid,nonstrict,async
+ for P in /bin /sbin /usr/bin /usr/sbin
+ for M in showmount kshowmount
+ '[' -x /bin/showmount ']'
+ for M in showmount kshowmount
+ '[' -x /bin/kshowmount ']'
+ for P in /bin /sbin /usr/bin /usr/sbin
+ for M in showmount kshowmount
+ '[' -x /sbin/showmount ']'
+ for M in showmount kshowmount
+ '[' -x /sbin/kshowmount ']'
+ for P in /bin /sbin /usr/bin /usr/sbin
+ for M in showmount kshowmount
+ '[' -x /usr/bin/showmount ']'
+ for M in showmount kshowmount
+ '[' -x /usr/bin/kshowmount ']'
+ for P in /bin /sbin /usr/bin /usr/sbin
+ for M in showmount kshowmount
+ '[' -x /usr/sbin/showmount ']'
+ for M in showmount kshowmount
+ '[' -x /usr/sbin/kshowmount ']'
+ '[' -x ']'
+ SHOWMOUNT=' --no-headers -e '
+ --no-headers -e
/etc/auto.net: line 40: --no-headers: command not found
+ LC_ALL=C
+ sort -k 1
+ sed 's/#/\\#/g'
+ awk -v key= -v opts=-fstype=nfs,hard,intr,nodev,nosuid,nonstrict,async -- '
BEGIN   { ORS=; first=1 }
{ if (first) { print opts; first=0 }; print  \\\n\t 
$1, key : $1 }
END { if (!first) print \n; else exit 1 }
'

I bet you should simple wrap in  like
[ -x $SMNT ] || echo 1

and it would work ;-)

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-rc2-mm1
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages am-utils depends on:
ii  debconf 1.5.5Debian configuration management sy
ii  libamu4 6.1.5-2  Support library for amd the 4.4BSD
ii  libc6   2.3.6.ds1-4  GNU C Library: Shared libraries
ii  libgdbm31.8.3-3  GNU dbm database routines (runtime
ii  libhesiod0  3.0.2-16 Libraries for hesiod, a service na
ii  libldap22.1.30-13+b1 OpenLDAP libraries
ii  libwrap07.6.dbs-11   Wietse Venema's TCP wrappers libra
ii  perl5.8.8-6.1Larry Wall's Practical Extraction 
ii  portmap 5-20 The RPC portmapper
ii  ucf 2.0015   Update Configuration File: preserv

am-utils recommends no packages.

-- debconf information:
  am-utils/import-amd-failed:
  am-utils/clustername:
  am-utils/map-net: true
* am-utils/use-nis: false
  am-utils/nis-custom: echo /amd-is-misconfigured /usr/share/am-utils/amd.net
  am-utils/import-amd-conf-done: false
  am-utils/import-amd-conf: false
  am-utils/nis-master-map: amd.master
  am-utils/nis-key: default
* am-utils/rpc-localhost:
  am-utils/map-others:
  am-utils/nis-master-map-key-style: onekey
  am-utils/map-home: false
  am-utils/log-to-file:


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#400229: Just want to confirm

Package: am-utils
Version: 6.1.5-2
Followup-For: Bug #400229

Just wanted to confirm that the issue persists:


Get: 1 http://itanix.rutgers.edu unstable/main libamu4 6.1.5-2 [164kB]
Get: 2 http://itanix.rutgers.edu unstable/main am-utils 6.1.5-2 [373kB]
Fetched 537kB in 0s (3772kB/s)
Reading package fields... Done
Reading package status... Done
Retrieving bug reports... Done 
Preconfiguring packages ...
/tmp/am-utils.config.75781: line 7: amq-check-wrap: command not found


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-rc2-mm1
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages am-utils depends on:
ii  debconf 1.5.5Debian configuration management sy
ii  libamu4 6.1.5-2  Support library for amd the 4.4BSD
ii  libc6   2.3.6.ds1-4  GNU C Library: Shared libraries
ii  libgdbm31.8.3-3  GNU dbm database routines (runtime
ii  libhesiod0  3.0.2-16 Libraries for hesiod, a service na
ii  libldap22.1.30-13+b1 OpenLDAP libraries
ii  libwrap07.6.dbs-11   Wietse Venema's TCP wrappers libra
ii  perl5.8.8-6.1Larry Wall's Practical Extraction 
ii  portmap 5-20 The RPC portmapper
ii  ucf 2.0015   Update Configuration File: preserv

am-utils recommends no packages.

-- debconf information:
  am-utils/import-amd-failed:
  am-utils/clustername:
  am-utils/map-net: true
* am-utils/use-nis: false
  am-utils/nis-custom: echo /amd-is-misconfigured /usr/share/am-utils/amd.net
  am-utils/import-amd-conf-done: false
  am-utils/import-amd-conf: false
  am-utils/nis-master-map: amd.master
  am-utils/nis-key: default
* am-utils/rpc-localhost:
  am-utils/map-others:
  am-utils/nis-master-map-key-style: onekey
  am-utils/map-home: false
  am-utils/log-to-file:


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#400607: reports Couldn't load package calamaris::calBars3d

Package: calamaris
Version: 2.99.4.0-3
Severity: important



washoe:/etc/squid# cat /var/log/squid/access.log | /usr/bin/calamaris -a -f 
auto --config-file /etc/calamaris/calamaris.conf -o forweekly.1 -F html,graph 
-H 'Squid daily' --output-path /home/www/www/html/stat/calamaris --output-file 
daily.html
/usr/bin/calamaris: Couldn't load package calamaris::calBars3d,
  maybe it is not installed: No such file or directory

although stracing shows:

14081 open(/usr/share/perl5/calamaris/calBars3d.pm, O_RDONLY|O_LARGEFILE) = 4
14081 ioctl(4, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbff4cdc8) = -1 ENOTTY 
(Inappropriate ioctl for device)

so - file is present and readable but I am not sure what calamaris/perl
tries to do with it...

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (990, 'testing'), (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-vserver-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages calamaris depends on:
ii  bc1.06-20The GNU bc arbitrary precision cal
ii  debconf [debconf-2.0] 1.5.8  Debian configuration management sy
ii  perl [perl5]  5.8.8-6.1  Larry Wall's Practical Extraction 

calamaris recommends no packages.

-- debconf-show failed


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#400610: wput: could not parse simple URL: ftp://yar.50webs.com

Package: wput
Version: 0.6-1
Severity: important


 wput *jpg *html ftp://yar.50webs.com
Skipping this URL.
Error: the url `ftp://yar.50webs.com' could not be parsed

or I can admint that I am blind and don't see obvious... but it seems to
don't like web part of it


-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (990, 'testing'), (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-vserver-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages wput depends on:
ii  libc62.3.6.ds1-7 GNU C Library: Shared libraries
ii  libgnutls13  1.4.4-2 the GNU TLS library - runtime libr

wput recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#400593: doesnt exit properly if no showmount present