Placer le umask d'un processus lancé par start-stop-daemon?
Pour le paquet Geneweb, je lance actuellement le démon de la façon suivante : GENEWEBSHARE=/usr/share/geneweb GENEWEBDOC=/usr/share/doc/geneweb/doc GENEWEBDB=/var/lib/geneweb GENEWEBUSER=geneweb DAEMON=/usr/bin/gwd NAME=geneweb LOGFILE=/var/log/$NAME.log .../... echo -n Starting GeneWeb server: echo -n gwd ; start-stop-daemon -b --start --quiet \ --chuid $GENEWEBUSER --exec $DAEMON -- \ -hd$GENEWEBSHARE -dd$GENEWEBDOC -bd$GENEWEBDB -p$PORT \ -lang$LANG -log$LOGFILE -daemon echo done. Le problème est que gwd crée alors d'éventuels fichiers avec des permissions rw-r--r-- alors que j'aurais besoin de rw-rw. Comment puis-je faire pour que le umask soit donc de 007 pour ce processus ? Quelqu'un a une idée ? (peut-être est-ce simple ignorance de ma part d'un concept Unix assez basique) --
Re: Cherche DD pour signature de clé sur 25/90/68/70
Nicolas Bertolissio [EMAIL PROTECTED] wrote: Y aurait-il un DD dans les régions sus-citées ? Quant à moi, je sur sur Mulhouse et travail à l'EuroAirPort. Va vraiment falloir qu'on se fasse un p'tit meeting, vu le nombre qu'on est, un de ces jours. JB. -- Julien BLACHE - Debian GNU/Linux Developer - [EMAIL PROTECTED] Public key available on http://www.jblache.org - KeyID: F5D6 5169 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169
Re: Cherche DD pour signature de clé sur 25/90/68/70
Nicolas Rueff [EMAIL PROTECTED] wrote: Après avoir reçu quelques réponses, une question m'est venue (Aahh, l'éternel quête de connaissances ...). Existe-t-il un site géolocalisant précisément les DD ? Ou ai-je eu une idée révolutionnaire, ce qui m'étonnerait vu mon déficit de sommeil ;) Les infos de localisation sont dans la base LDAP, ce qui veut dire que les développeurs y ont accès. (c'est comme ça qu'on génère la world map) JB. -- Julien BLACHE - Debian GNU/Linux Developer - [EMAIL PROTECTED] Public key available on http://www.jblache.org - KeyID: F5D6 5169 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169
Re: Placer le umask d'un processus lancé par start-stop-daemon?
Quoting Julien Gilles ([EMAIL PROTECTED]): A priori le umask est hérité lors du fork entre le père et le fils, donc il suffit de positionner le umask avant de lancer start-stop-daemon. Ca, c'est ce que j'avais essayé en premier et, devine ? Ca ne marche pas.. :-)
Re: Cherche DD pour signature de clé sur 25/90/68/70
Sven Luther [EMAIL PROTECTED] wrote: Les infos de localisation sont dans la base LDAP, ce qui veut dire que les développeurs y ont accès. (c'est comme ça qu'on génère la world map) Ce qui serait cool serait de pouvoir zoomer sur le world map. Un amas de points sur l'europe cela n'est pas tres parlant. C'est volontairement imprécis, il est hors de question de donner des infos de localisation trop précises. La world map a pour seul but de donner une idée de la répartition mondiale... JB. -- Julien BLACHE [EMAIL PROTECTED] | Debian, because code matters more Debian GNU/Linux Developer| http://www.debian.org Public key available on http://www.jblache.org - KeyID: F5D6 5169 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169
Re: Cherche DD pour signature de clé sur 25/90/68/70
Julien BLACHE [EMAIL PROTECTED] a écrit : | C'est volontairement imprécis, il est hors de question de donner des | infos de localisation trop précises. Mouarf. Il y aurait un zoom qui permettrait de mettre l'Alsace en plein ecran que la vie privee des DD ne serait pas encore trop mise a mal. Daniel -- http://yo.dan.free.fr/
ITP: 1-mb-random-data -- one megabyte of pseudo-random data
Package: wnpp Severity: wishlist * Package name: 1-mb-random-data Version : 1 Upstream Author : entropy * URL : /dev/urandom * License : ? (may violate various licenses at random, though probably won't) Description : one megabyte of pseudo-random data I intend to dd if=/dev/urandom of=debian/tmp/usr/lib/1-mb-random-data I don't know what use this will be, but popularity-contest will tell us, in time, if some users have found a use for it. If so, I may at a later date package 2-mb-random-data, 1 gb-null-data, etc. The possibilities are endless! -- see shy jo signature.asc Description: Digital signature
Re: ITP: 1-mb-random-data -- one megabyte of pseudo-random data
On Wed, 12 Nov 2003, Joey Hess wrote: I intend to dd if=/dev/urandom of=debian/tmp/usr/lib/1-mb-random-data Will this be available via CVS? ;) Mike
Re: Bug#219942: ITP: zope-textindexng2 -- Fulltext index for Zope
On Tue, 11 Nov 2003, Joe Drew wrote: This is the new fulltext index for Zope and is the most feature-complete solution for fulltext indexing under Zope. Supported Formats: HTML, PDF, Postscript, WinWord, PowerPoint, OpenOffice Again, s/fulltext/full text/g. What does this mean? Can I search Zope using this index? More details should be added. Would this be OK: This is the new full text index for Zope objects and is the most feature-complete solution for full text indexing under Zope. . Supported Formats: HTML, PDF, Postscript, WinWord, PowerPoint, OpenOffice I'll ask upstream for a little bit more documentation. I do not use this package directly but another package I will ITP soon is making use of it. Thanks for the hints Andreas. -- Sie schaffen eine Wüste und nennen es Frieden. -- Publius Cornelius Tacitus (55-120)
Re: status of Progeny projects
Hi Ian: I have been long time user of linux and I find the greatest weakness to be the ability to easily install applications which seems to be the intent of this group. I would like to make a suggestion with respect to handling of dependancies. Most software installs fail as a result of missing libraries. I would like to see a central repository for all libraries, old, new and development. A repository that when a library dependancy needs to be satisfied, the installer be it RPM, APT or anyone elses, can automatically access and download the appropriate version of library required. This repository should only hold nothing but libraries, no software, no packages, just libraries with a searchable capability that one could also manually search and download ones needs. With the version numbers used in linux there is no fear as there is in the other OS of overlaying and existing library that would result in the breaking of other software. It would be no problem to run the same library beside its earlier parent satisfying the need of all software. Along with this there should be a tool that will allow the cleaning up of ones libraries based on lack of activity so that the directories holding libraries such as /lib can be safely maintained and kept from growing out of hand. Thanks to all open source developers for the work that has and continues to be done. Regards, Peter :-}
gimp1.2: gimp package suggest non-free software
Package: gimp1.2 Version: 1.2.3-2.4 Severity: normal Hi, Installed the gimp, I got a message suggesting me to install gimp1.2-nonfree I find non-appropriate for a package in main to advertise for non-free packages in non-free, which is theoretically not part of Debian -- a package part of Debian should not assume that these packages exists, a package part of Debian should not incitate users to install non-free software. I add this report to debian-devel in Cc because I suppose that it may need a public debate. Side note: the non-free package in question seems to ship only GIF support. I thought that the patent on LZW was over. But, worse, why can't the gimp no longer save GIF files, without the LZW compression? Should I fill a bug against the gimp package? It that due to the existence of a package in non-free providing full gif support -- would be really astonishing (removing functionalities that works feeely in the package in main and incitating to install non-free stuff) -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux ulysse 2.4.23-pre7 #6 mar oct 21 18:19:23 CEST 2003 i686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] Versions of packages gimp1.2 depends on: ii aalib1 1.4p5-18 ascii art library ii libc6 2.3.2-9 GNU C Library: Shared libraries an ii libgimp1.2 1.2.3-2.4Libraries necessary to run the GIM ii libglib1.2 1.2.10-9 The GLib library of C routines ii libgtk1.2 1.2.10-16The GIMP Toolkit set of widgets fo ii libgtkxmhtml1 1.4.2-16 The GNOME gtkxmhtml (HTML) widget ii libjpeg62 6b-9 The Independent JPEG Group's JPEG ii libmpeg11.3.1-2.1The MPEG library calls for movie s ii libpng2 1.0.15-4 PNG library, older version - runti ii libtiff3g 3.5.7-2 Tag Image File Format library ii slang1 1.4.9-2 The S-Lang programming library - r ii wget1.9-1retrieves files from the web ii xlibs 4.3.0-0ds2.0.0woody2 X Window System client libraries ii zlib1g 1:1.1.4-16 compression library - runtime -- no debconf information -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: Removal of LaTeX2HTML from main
Ralf Treinen [EMAIL PROTECTED] a tapoté : On Mon, Nov 10, 2003 at 04:06:02PM +0100, Roland Stigge wrote: working on the legal issues for LaTeX2HTML [1], at debian-legal [2], we concluded that LaTeX2HTML will have to be removed from main because it [...] With /usr/bin/latex2html substituted, many packages render bad results or even FTBFS because of several reasons: [...] As the maintainer of one of the aforementioned packages you have the choice between the following options (exclusively): [...] * Build-Depend on hevea or hyperlatex if you figure out that one of these alternatives are better than TeX4ht (htlatex) Please consider using hevea as a replacement of latex2html. It is currently used (by the respective upstream authors) to produce html versions of the manual of OCaml and GNU Prolog. I don't know what the special features of latex2html are, but if you tell me what special needs you have I can try to check if it can be done with hevea. Can someone provide a link to a clear explanation about latex2html being non-free? -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: ITP: 1-mb-random-data -- one megabyte of pseudo-random data
On Wed, 12 Nov 2003 01:08:55 -0500, Joey Hess [EMAIL PROTECTED] wrote: Package: wnpp Severity: wishlist * Package name: 1-mb-random-data Version : 1 Upstream Author : entropy * URL : /dev/urandom * License : ? (may violate various licenses at random, though probably won't) Description : one megabyte of pseudo-random data That will at least be large enough to pass ftpmaster's vetting. And it's a great idea to make random-driven applications behave in a reproducible way. scnr Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fax: *49 721 966 31 29
Re: possible compromise for ITP: linux?
Joey Hess [EMAIL PROTECTED] wrote: Problems of this approach, off the top of my head: a. Having a binary package of the same name that is produced by different source packages on different architectures may or may not drive the archive maintainence scripts nuts. On the other hand, it uses no more space in the archive than our kernel sources use today. We already have that today. The generic kernel headers package is provided by different source packages on different architectures. b. If kernel-source-2.4.22 produces a linux package, then when 2.4.23 comes out, kernel-source-2.4.22 has to either be removed from the archive, or revved to stop providing the linux package before kernel-source-2.4.23 can begin to do so. It's not a problem since this situation is identical to that of the kernel-image-2.4-foo packages which never had any troubles. -- Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED] Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: Bug#220261: RFP: tnimage -- scientific image analysis software
On Tue, 11 Nov 2003, Don Armstrong wrote: Odd. I was looking for a package that does exactly this on monday. I'm going to evaluate it and see if it does what I hope it does, and then prepare it for packaging in debian... assuming it fullfills the nich that I need filled. Just keep me informed about your success. I'd be willing to help out here to include it into med-imaging. Kind regards Andreas.
Re: status of Progeny projects
On Tuesday, Nov 11, 2003, at 23:39 America/Denver, Peter Zoeller wrote: Most software installs fail as a result of missing libraries. I would like to see a central repository for all libraries, old, new and development. A repository that when a library dependancy needs to be satisfied, the installer be it RPM, APT or anyone elses, can automatically access and download the appropriate version of library required. This repository should only hold nothing but libraries, no software, no packages, just libraries with a searchable capability that one could also manually search and download ones needs. Just curious... have you ever actually used Debian? When you write to a list comprised of Debian developers that concentrates on Debian software and library packaging needs to suggest something we've been doing that for years now, I have to wonder why. If you want to install software from Debian, all of our package installation methods automatically install all the libraries (and, optionally, any other recommended or suggested software) required for full operation. That's what we do. I'm not sure of the point of your suggestion-- having used more Red Hat systems in the past year than bears thinking about, I can see how you might think it useful for them, but even in that case, you have different libc versions, compiler revs, architectures and sometimes even kernels to keep track of, not to mention the version numbers of the libraries. The only sensible solution is to package libraries as part of a distribution, in which case I fail to see the utility of your idea. With the version numbers used in linux there is no fear as there is in the other OS of overlaying and existing library that would result in the breaking of other software. It would be no problem to run the same library beside its earlier parent satisfying the need of all software. Unless the new library was binary-incompatible with the old, requiring new revs of all the programs it uses. And then maybe the new library calls executables that don't exist, requiring you to install new software packages to handle that. At this point, it sounds like we're back to packaging libraries as part of a complete distribution, in which case I'm afraid your 'library-only' archive will not be of much use. Along with this there should be a tool that will allow the cleaning up of ones libraries based on lack of activity so that the directories holding libraries such as /lib can be safely maintained and kept from growing out of hand. Hrm. Sounds a lot like dpkg, combined with deborphan. Thanks to all open source developers for the work that has and continues to be done. You're welcome. :) -=Eric
Re: gimp1.2: gimp package suggest non-free software
reopen 220363 thanks Anthony Towns aj@azure.humbug.org.au a tapoté : On Wed, Nov 12, 2003 at 08:00:44AM +0100, Mathieu Roy wrote: Package: gimp1.2 Version: 1.2.3-2.4 Severity: normal Installed the gimp, I got a message suggesting me to install gimp1.2-nonfree If you don't want to install it, don't install it. This isn't a bug. Report closed with this message. Are you kidding? Do you really think that I'm the only person to find UNACCEPTABLE that a package in mail suggests packages in non-free, which ARE NOT PART OF DEBIAN? Are you really think that it is acceptable, when some people propose to clearly drop non-free of debian, to pretend that this problem isn't one? Have you checked why it is no longer possible to save as images gif with the package Gimp in main? If you don't, please, keep off your hands from this report. -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
* Mathieu Roy | Installed the gimp, I got a message suggesting me to install | gimp1.2-nonfree Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. -- Tollef Fog Heen,''`. UNIX is user friendly, it's just picky about who its friends are : :' : `. `' `-
Re: Removal of LaTeX2HTML from main
On Wed, Nov 12, 2003 at 08:15:19AM +0100, Mathieu Roy wrote: Can someone provide a link to a clear explanation about latex2html being non-free? Read the latest DWN
Re: gimp1.2: gimp package suggest non-free software
Tollef Fog Heen [EMAIL PROTECTED] a tapoté : * Mathieu Roy | Installed the gimp, I got a message suggesting me to install | gimp1.2-nonfree Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. 1) Do you have a pointer that give that information in the debian policy? 2) Why the gimp cannot any longer save gif files without installing non-free software? -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: Removal of LaTeX2HTML from main
[EMAIL PROTECTED] (Isaac Clerencia) a tapoté : On Wed, Nov 12, 2003 at 08:15:19AM +0100, Mathieu Roy wrote: Can someone provide a link to a clear explanation about latex2html being non-free? Read the latest DWN You mean the DWN from yesterday which has not already been translated? Ok, thanks. In case someone else is wondering, the explanation is finally there: http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00383.html -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 09:27:35AM +0100, Tollef Fog Heen wrote: * Mathieu Roy | Installed the gimp, I got a message suggesting me to install | gimp1.2-nonfree Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. Anyway Mathieu Roy does not agree the DFSG. I don't understand why he is still in New Maintainer queue. Cheers, -- Pierre Machard [EMAIL PROTECTED] http://debian.org GPG: 1024D/23706F87 : B906 A53F 84E0 49B6 6CF7 82C2 B3A0 2D66 2370 6F87 pgpvGn6oO7Bxg.pgp Description: PGP signature
Re: Removal of LaTeX2HTML from main
On Wed, Nov 12, 2003 at 09:56:44AM +0100, Mathieu Roy wrote: Read the latest DWN You mean the DWN from yesterday which has not already been translated? Ok, thanks. In case someone else is wondering, the explanation is finally there: http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00383.html Yes, I mean the DWN from where you have grab that link ...
Re: Kernel 2.4.22-k7-1: initrd cannot mount proc from cramfs image
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 If you're using busybox then try regenerating the initrd image with BUSYBOX=no. I did not generate the image, i'm using a stock kernel-image-2.4.22-1-k7 package, no trace of busybox in the initrd image, and it's not even installed on this machine. Do you suggest I try mkinitrd'ing a new image anyway? Since there are no other ideas, I'll open a bug in the BTS. - -- There are, in the end, no worthwhile things in the world; there are only worthwhile doings. -- Steve Talbott, NetFuture Nicola Larosa - [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD4DBQE/sfQ9Xv0hgDImBm4RAgsNAJi19ykLtxlhxsfhzqeCjoLJPKZuAKCSE1oH mRVNt0w01ln2z9/E9kzqSw== =weE1 -END PGP SIGNATURE-
Re: gimp1.2: gimp package suggest non-free software
On Wed, 2003-11-12 at 10:53, Mathieu Roy wrote: Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. 1) Do you have a pointer that give that information in the debian policy? http://www.debian.org/doc/debian-policy/ch-archive.html#s-main ...the packages in main * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), ... Note, no mention of Suggests. 2) Why the gimp cannot any longer save gif files without installing non-free software? See the description of the gimp1.x-nonfree packages (apt-cache show packagename): This package includes GIF support for The GNU Image Manipulation Program. These files are not freely available; their use is disallowed by the UNISYS patent on LZW compression in some countries. It is possible that the patent has expired in your country of residence. See the copyright file contained in this package for dates of expiration in countries which are known to have this patent. Use at your own legal risk. For more information, see http://burnallgifs.org/ -- Fabian Fagerholm [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Re: gimp1.2: gimp package suggest non-free software
On Wed, 12 Nov 2003, Mathieu Roy wrote: 1) Do you have a pointer that give that information in the debian policy? Policy 2.2.1: Every package in main and non-US/main must comply with the DFSG (Debian Free Software Guidelines). In addition, the packages in main * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), * must not be so buggy that we refuse to support them, and * must meet all policy requirements presented in this manual. 2) Why the gimp cannot any longer save gif files without installing non-free software? The software itself is free, but the algorithm necessary to save GIF files (LZW) is patent encumbered in certain parts of the planet, and the patent is actively being enforced (or at least bludgeoned.) Don Armstrong -- There's nothing remarkable about it. All one has to do is hit the right keys at the right time and the instrument plays itself. -- Bach http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu signature.asc Description: Digital signature
Re: gimp1.2: gimp package suggest non-free software
Fabian Fagerholm [EMAIL PROTECTED] a tapoté : On Wed, 2003-11-12 at 10:53, Mathieu Roy wrote: Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. 1) Do you have a pointer that give that information in the debian policy? http://www.debian.org/doc/debian-policy/ch-archive.html#s-main ...the packages in main * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), ... Note, no mention of Suggests. No mention is not necessarily approval. It may be just something forgot. 2) Why the gimp cannot any longer save gif files without installing non-free software? See the description of the gimp1.x-nonfree packages (apt-cache show packagename): This package includes GIF support for The GNU Image Manipulation Program. These files are not freely available; their use is disallowed by the UNISYS patent on LZW compression in some countries. It is possible that the patent has expired in your country of residence. See the copyright file contained in this package for dates of expiration in countries which are known to have this patent. Use at your own legal risk. For more information, see http://burnallgifs.org/ So you confirm what I thought (yes, I checked this page before): - the support for GIF creation inside the main gimp package, in main, has been removed in favor of a package in non-free, that provide the same functionality (plus patented compression). I think this is a serious bug: the functionality of the free version has been lowered to promote patent emcumbered package. -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
Pierre Machard [EMAIL PROTECTED] a tapoté : On Wed, Nov 12, 2003 at 09:27:35AM +0100, Tollef Fog Heen wrote: * Mathieu Roy | Installed the gimp, I got a message suggesting me to install | gimp1.2-nonfree Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. Anyway Mathieu Roy does not agree the DFSG. I don't understand why he is still in New Maintainer queue. 1) What does it have to do here? 2) Do you have any valid proof of what you claim? Please, avoid being a liar, this is a very bad attitude. Keep your personal feeling out of this mailing-list, I do not give a toss about it and I think that noone else does. If you have anything on topic to do, you are welcome to reply to this mail. -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
On Wed, 2003-11-12 at 11:27, Mathieu Roy wrote: http://www.debian.org/doc/debian-policy/ch-archive.html#s-main ...the packages in main * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), ... Note, no mention of Suggests. No mention is not necessarily approval. It may be just something forgot. If there is an error or omission in policy, that is an entirely different thing. The current policy still has to be followed. It is the current agreement. No additional assumptions can be made. If you think that policy is flawed, then what do you intend to do about it? So you confirm what I thought (yes, I checked this page before): - the support for GIF creation inside the main gimp package, in main, has been removed in favor of a package in non-free, that provide the same functionality (plus patented compression). I think this is a serious bug: the functionality of the free version has been lowered to promote patent emcumbered package. I don't understand what you mean. Do you have a solution to the patent problem, perhaps? Or are you suggesting that a compression-free version of the GIF format be supported by the gimp package in main? -- Fabian Fagerholm [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Re: gimp1.2: gimp package suggest non-free software
Don Armstrong [EMAIL PROTECTED] a tapoté : 2) Why the gimp cannot any longer save gif files without installing non-free software? The software itself is free, but the algorithm necessary to save GIF files (LZW) is patent encumbered in certain parts of the planet, and the patent is actively being enforced (or at least bludgeoned.) I am pretty aware of the details of this patent. But it was said in many places that it was possible to make GIF files without using LZW. It means that LZW is not an algorigthm necessary to save GIF files, but to get an optimum compression, which is not a priority here. Does this situation changed? http://www.gnu.org/philosophy/gif.html It is also possible to create GIFs using a patent-free run length encoding but this doesn't achieve the compression that one normally expects in a GIF. If not, why incitating people to get non-free stuff while you just can provide a Gimp that can save GIF without LZW? -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
Mathieu Roy [EMAIL PROTECTED] wrote: Tollef Fog Heen [EMAIL PROTECTED] a tapoté : * Mathieu Roy | Installed the gimp, I got a message suggesting me to install | gimp1.2-nonfree Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. 1) Do you have a pointer that give that information in the debian policy? [...] Policy 2.2.1. + Consensus on this ML. (see recent libdscaler-thread.) cu andreas
Re: gimp1.2: gimp package suggest non-free software
Fabian Fagerholm [EMAIL PROTECTED] writes: * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), ... Note, no mention of Suggests. No mention is not necessarily approval. It may be just something forgot. If there is an error or omission in policy, that is an entirely different thing. The current policy still has to be followed. It is the current agreement. No additional assumptions can be made. It must not require [...] for execution Suggested packages are just nice addons for something, not required. They are for users to see what other packages could be nice to have. So it is ok to Suggest Packages outside of main. -- bye Joerg maxx Aqua mach mal man brain Aquariophile maxx: schon probiert das gibts ned pgpAGqmxGVjSl.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
Mathieu Roy [EMAIL PROTECTED] writes: If not, why incitating people to get non-free stuff while you just can provide a Gimp that can save GIF without LZW? If it isnt already there - write a patch for it if you want that. -- bye Joerg A.D. 1492: Christopher Columbus arrives in what he believes to be India, but which RMS informs him is actually GNU/India. pgpAZpvkRAFJ7.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
Le mer 12/11/2003 à 10:31, Mathieu Roy a écrit : If you have anything on topic to do, you are welcome to reply to this mail. The whole thread is off-topic on this list. -- .''`. Josselin Mouette/\./\ : :' : [EMAIL PROTECTED] `. `'[EMAIL PROTECTED] `- Debian GNU/Linux -- The power of freedom signature.asc Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?=
Re: gimp1.2: gimp package suggest non-free software
On Wed, 12 Nov 2003, Mathieu Roy wrote: If not, why incitating people to get non-free stuff while you just can provide a Gimp that can save GIF without LZW? Because no such non-LZW plugin exists for the GIMP. [And since people may wonder why they can't save GIFs, it is appropriate for the package to Suggest: gimp-nonfree.][1] In around a year or so, the non-free portion of the GIMP will move back into main anyway. Don Armstrong 1: Packages like this that are non-Free only because of the decisions of a particular jurisdiction, eg. software patents, don't concern me as much as packages that are not free because of licensing terms. This particular bit of code is not free purely because of the jurisdictions in which the major mirrors reside. -- ...Yet terrible as UNIX addiction is, there are worse fates. If UNIX is the heroin of operating systems, then VMS is barbiturate addiction, the Mac is MDMA, and MS-DOS is sniffing glue. (Windows is filling your sinuses with lucite and letting it set.) You owe the Oracle a twelve-step program. --The Usenet Oracle http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu signature.asc Description: Digital signature
Re: ITP: 1-mb-random-data -- one megabyte of pseudo-random data
Scripsit Joey Hess [EMAIL PROTECTED] Description : one megabyte of pseudo-random data I intend to dd if=3D/dev/urandom of=3Ddebian/tmp/usr/lib/1-mb-random-data Please, please, no! /dev/urandom does not reliably deliver pseudo-random data. There is a chance that fresh entropy will arrive in the middle of the computation and mess up with the pseudoness. This may happen at a buildd even if the package you build yourself does seem to be pseudo. How you you imagine fixing that? Or even discover that something has gone wrong? The mere fact that you make this suggestion without sufficiently researching the subject matter clearly shows that you're inherently unable to create Debian packages reliably. -- Henning Makholm Check the sprog.
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 09:25:23AM +0100, Mathieu Roy wrote: reopen 220363 thanks Please do not abuse the BTS. If you want to discuss it, feel free to do so, but this is not a bug in the gimp package. Are you kidding? Do you really think that I'm the only person to find UNACCEPTABLE that a package in mail suggests packages in non-free, which ARE NOT PART OF DEBIAN? As you're not a member of the Debian project, you don't get any say in what's to be accepted or not. And given that you appear to have a religious objection, there doesn't seem any point discussing this matter with you. Bug again closed with this message. Cheers, aj -- Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/ I don't speak for anyone save myself. GPG signed mail preferred. Australian DMCA (the Digital Agenda Amendments) Under Review! -- http://azure.humbug.org.au/~aj/blog/copyright/digitalagenda pgp5Q52vf8Ydi.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 10:54:29AM +0100, Mathieu Roy wrote: http://www.gnu.org/philosophy/gif.html It is also possible to create GIFs using a patent-free run length encoding but this doesn't achieve the compression that one normally expects in a GIF. If not, why incitating people to get non-free stuff while you just can provide a Gimp that can save GIF without LZW? RMS on the same page says: Therefore, we don't use GIF, and we hope you won't use it either. and later: We decided not to use these pseudo-GIFs on our web site because they are not a satisfactory solution to the community's problem. They work, but they are very large. What the web needs is a patent-free compressed format, not large pseudo-GIFs. So, what you need this fsckin' GIF for? Cheers Artur
Re: Bug#219942: ITP: zope-textindexng2 -- Fulltext index for Zope
On Mi, 2003-11-12 at 07:44, Andreas Tille wrote: On Tue, 11 Nov 2003, Joe Drew wrote: This is the new fulltext index for Zope and is the most feature-complete solution for fulltext indexing under Zope. Supported Formats: HTML, PDF, Postscript, WinWord, PowerPoint, OpenOffice Again, s/fulltext/full text/g. What does this mean? Can I search Zope using this index? More details should be added. Would this be OK: This is the new full text index for Zope objects and is the most feature-complete solution for full text indexing under Zope. . Supported Formats: HTML, PDF, Postscript, WinWord, PowerPoint, OpenOffice How about mentioning ZCatalog in some way? Greetings, Igor
Re: gimp1.2: gimp package suggest non-free software
Anthony Towns aj@azure.humbug.org.au a tapoté : On Wed, Nov 12, 2003 at 09:25:23AM +0100, Mathieu Roy wrote: reopen 220363 thanks Please do not abuse the BTS. If you want to discuss it, feel free to do so, but this is not a bug in the gimp package. If you consider that not being a bug, please never claim that Debian does not advertise non-free software -- yes, this claim was made several times, but maybe not by you. Because it clearly incitates users to put non-free is apt sources. Are you kidding? Do you really think that I'm the only person to find UNACCEPTABLE that a package in mail suggests packages in non-free, which ARE NOT PART OF DEBIAN? As you're not a member of the Debian project, you don't get any say in what's to be accepted or not Apparently you forget about a specific part of the Social Contract. (Our Priorities are Our Users and Free Software...) . And given that you appear to have a religious objection Does this assertion have any ground? , there doesn't seem any point discussing this matter with you. Sure, keep lowering the quality of Debian in matter of freedom, there's no matter discussing that. (I suppose that mozilla should advertise from macromedia website, at this point). -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: ITP: 1-mb-random-data -- one megabyte of pseudo-random data
On Wed, Nov 12, 2003 at 11:17:57AM +0100, Henning Makholm wrote: | Please, please, no! /dev/urandom does not reliably deliver | pseudo-random data. There is a chance that fresh entropy will arrive | in the middle of the computation and mess up with the pseudoness. No, I already covered that in another message. See: http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg00876.html | This may happen at a buildd even if the package you build yourself | does seem to be pseudo. How you you imagine fixing that? Or even | discover that something has gone wrong? But there are porting teams to handle that. The kernel /dev/urandom device already has to handle pseudoness on each architecture anyway, so if it doesn't work we're really just exposing a bug in the buildd, which is a Good Thing. My package has been made and I'm testing it right now. It works fine for me. I know how pseudo randomness works, so RTFMing about entropy can be done later. It's not a fundamental flaw in my package, it's just a bug which I'll soon fix. You're welcome to file a bug against my package if it's still there once it enters the archive. Besides, you're just hassling me about all these problems that the current randomness in Debian already has! I'm not making a truly new randomness package, the maintainer behind the scenes is God who's already written entropy for the upstream laws of Physics works now. I just make the package that is based on his patches. | The mere fact that you make this suggestion without sufficiently | researching the subject matter clearly shows that you're inherently | unable to create Debian packages reliably. That's objective! My contribution to the Debian project is being discouraged and ignored by trolls who clearly don't understand the informal standards of how Debian works. There's no point in continuing this thread if all you're going to do is provide slanderous arguments.
Closing. (Was: Re: Bug#219582: ITP: linux -- Linux 2.4 kernel)
On Fri, Nov 07, 2003 at 02:37:35PM +0100, Robert Millan wrote: Package: wnpp Severity: wishlist * Package name: linux Version : 2.4.22 Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: http://www.kernel.org/pub/linux/kernel/CREDITS * URL : http://www.kernel.org/ * License : GPL Description : Linux 2.4 kernel The discussion on this ITP has reached dead end. I'm closing it. I just asked the ftp-masters to Reject my upload. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion) signature.asc Description: Digital signature
Re: gimp1.2: gimp package suggest non-free software
On Nov/12, Mathieu Roy wrote: As you're not a member of the Debian project, you don't get any say in what's to be accepted or not Apparently you forget about a specific part of the Social Contract. (Our Priorities are Our Users and Free Software...) Note that Users goes before Free Software. It can be useful for our users to recommend gimp-nonfree in this case. . And given that you appear to have a religious objection Does this assertion have any ground? Yes. Your response is disproportionated. You seem to have been personally offended by this issue, and it shouldn't be like that. Take it easy. Breath deeply. Take a nap. Eat some chocolate. Sure, keep lowering the quality of Debian in matter of freedom, there's no matter discussing that. I don't see how making more packages available to our users is lowering the quality of Debian in matter of freedom. I could understand it if it was the opposite, i.e., making *less* packages available (restricting the freedom of our users to choose). But anyway, I never understood why so much fuss for the non-free section removal, so I'm not the most suited to speak about it. (I suppose that mozilla should advertise from macromedia website, at this point). Why? Does Macromedia support Mozilla in some way? (I'm genuinely interested in this; if it's true, I had no knowledge about it) -- Roberto Suarez Soto Alfa21 Outsourcing [EMAIL PROTECTED]http://www.alfa21.com
Version Updating Question
Hi! It will not be necessary to name it 1.0really, but as many others do: 1.0final... What about that one? Rolly
Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
Package: wnpp Severity: wishlist * Package name: linux-experimental Version : 2.4.22 Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: http://www.kernel.org/pub/linux/kernel/CREDITS * URL : http://www.kernel.org/ * License : GPL Description : Linux 2.4 kernel [EXPERIMENTAL PACKAGE] Linux 2.4 kernel re-packaged as a standard Debian package. For details, see: http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg00204.html Package sources available in: http://people.debian.org/~rmh/linux/ List of benefits on this package: http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg00414.html It will be uploaded only to experimental, untill I have proven it can address all the technical problems formerly mentioned and hence is mature enough for unstable. -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux aragorn 2.4.22 #1 ds nov 8 19:02:14 CET 2003 i686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]
Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 03:37:29PM +1100, Russell Coker wrote: On Wed, 12 Nov 2003 14:11, Javier Fernández-Sanguino Peña wrote: That would need a reimplementation of some (all?) of the servers. Wouldn't it? Old ones (cistron, livingston) call getpwnam()|getspnam() to retrieve the user's encrypted passwords. New ones (freeradius) can alternatively talk with a myriad of authentication services... Cistron in woody uses PAM so does not appear to have any problems in this regard. The same for my yardradius and probably xtradius. System password checking is present for portability with non-linux platform essentially, and for historical reasons, too. A lots of those servers are derived from the original livingston's implementation, but all add alternatives forms of authentication and accounting. It's an admin's choice. -- Francesco P. Lovergine
Re: Bug#219582: ITP: linux -- Linux 2.4 kernel
On Tue, Nov 11, 2003 at 04:02:14PM +, Andrew Suffield wrote: On Tue, Nov 11, 2003 at 02:47:14PM +0100, Robert Millan wrote: However, for the matter of finding out wether there will be much people in that userbase, there's the Popularity Contest. Some people just never learn. I know, but I don't expect Popularity Contest to teach everyone. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: Bug#219582: ITP: linux -- Linux 2.4 kernel
On Tue, Nov 11, 2003 at 03:48:26PM +, Andrew Suffield wrote: On Tue, Nov 11, 2003 at 11:40:11PM +1100, Jamie Wilkinson wrote: There are already several forks of the Linux kernel in Debian anyway. Robert wishes to attempt to unify them, does that not grant him use of the name 'linux'? No he doesn't. He wants to create a new arbitrary patch set, in a context where arbitrary patch sets have always been given distinct names, and to call it by the vanilla name. It's irresponsible. You're deliberately confusing the upstream name with the Debian patchset. He doesn't even have the slim excuse of being implicitly the Debian variant, because there would be two. All this can create is confusion. As I said before, I'm using the patches in kernel-patch-debian. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: Bug#219582: ITP: linux -- Linux 2.4 kernel
On Tue, Nov 11, 2003 at 05:14:02PM +0100, Eike Sauer wrote: Robert Millan schrieb: On Tue, Nov 11, 2003 at 02:17:10PM +0100, Eike Sauer wrote: Robert Millan schrieb: I don't see why. I have a bunch of resources to find a solution for this trivial bug. [...] I didn't want to imply that. I was referring to general packaging resources like preinst script, debconf, etc. These are not ressources to *find* bugs AFAIK. It still seems to me you are not very concerned about squashing bugs and/or preserving features *before* releasing. No, to find the solution, not the bug itself. The most valuable resource to find bugs is a clued userbase, of course. Agreed. But the discussion on system.map started with someone claiming the bug implied either a dessign problem in my package or that I'm incompetent. It might have come up due to the wrong reasons (I don't judge), but you have to care for it neverheless. I do care. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: ITP: 1-mb-random-data -- one megabyte of pseudo-random data
[ CCing debian-hurd ] Hi Joey, On Wed, Nov 12, 2003 at 01:08:55AM -0500, Joey Hess wrote: Package: wnpp Severity: wishlist * Package name: 1-mb-random-data Version : 1 Upstream Author : entropy * URL : /dev/urandom * License : ? (may violate various licenses at random, though probably won't) Description : one megabyte of pseudo-random data I intend to dd if=/dev/urandom of=debian/tmp/usr/lib/1-mb-random-data I don't know what use this will be, but popularity-contest will tell us, in time, if some users have found a use for it. If so, I may at a later date package 2-mb-random-data, 1 gb-null-data, etc. The possibilities are endless! Sounds interesting. There's no random translator yet integrated in the Hurd package, so it might be useful at least for the GNU/Hurd port. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 02:07:27AM +0100, Javier Fernández-Sanguino Peña wrote: On Tue, Nov 11, 2003 at 02:02:49PM -0500, Matt Zimmerman wrote: On Tue, Nov 11, 2003 at 11:52:00AM -0600, Steve Langasek wrote: The packages at http://www.tbble.com/freeradius/ will be sponsored into the archive as soon as I've had a chance to review them (this week). This thing is packed full of strcpy() and strcat(), which is the sort of sloppiness that I don't like to see in a network server. It was a great Which flawfinder flawlessly points out, but this also appears in the current radiusd servers we are shipping. In any case, I'm also worried about these: ./src/main/mainconfig.c:267 [5] (race) chown: [shouldn't fchown() be used instead?] and ./src/modules/rlm_krb5/rlm_krb5.c:201 [3] (tmpfile) tmpnam: Temporary file race condition. [tmpnam should be avoided and tempfile() used instead] Also on my TODO list now. Thankyou. I'll have to go look into flawfinder as well. That looks interesting. blessing to find that we weren't shipping this in woody when the last batch of security problems was discovered. Also, just another question. Is there any reason why it needs to run as root? (as I believe it does in the current Debian package) Would it be unreasonable to ask it to run as a 'radiusd' user? FreeRADIUS hasn't run as root since I got my hands on it in the upstream CVS. It wasn't supposed to run as root in the 0.71 packages that were NMU'd, nor did it intend run as root in the 0.5 packages... It did run as root in the latter one, due to a change in the upstream config (The default upstream config now runs as root, but the debian/rules script un-comments the lines in the config during build.) Maybe I'm mistaken, but the rpm spec file seems to use a 'radiusd' user whileas the Debian rules package does not. I would be more confident with the package if it was built this way. At least a security problem in its code (if found) would lead to a remote 'radiusd' compromise (but not 'root') an important difference. I don't know what debian/rules file you're looking at, since the bug report in the DBS relating to this has my patch to fix it, and both the current stable and unstable debian/ filesets do not run as root. It does adduser freerad shadow on first installation, but not after that (on the advice of Steve Langasek) to allow the local authentication code to work, and to give the admin the freedom to disable this for added security if they're not using the local authentication code. However, this is the way that currently the radiusd packages we provide (radiusd-cistron and radiusd-livingston) seem to operate. Is this at all necessary? (after all they use their separate users database) PS: I'm not particularly worried about freeradius, I'm just raising some questions. It seems that our radiusd packages suffer from similar (if not worst) security issues and, furthermore, are not (I believe) that actively maintained upstream. Livingston begat YardRADIUS. I'd assumed Livingston was dead upstream, although I did see one of the Bugtraq postings mention RADIUS (Formerly livingston) although the version number was the same as the Livingston RADIUS server listed... Cistron begat FreeRADIUS. FreeRADIUS is certainly actively maintained upstream. xtRADIUS is also begat of Cistron. I'd assumed that Cistron is dead upstream too, and xtRADIUS active. There's also gnuradius, which doesn't appear in Debian. This is why so many of them suffer similar security bugs, as soon as one finds one, the others go look in the same place. -- --- Paul TBBle Hampson, MCSE 6th year CompSci/Asian Studies student, ANU The Boss, Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] No survivors? Then where do the stories come from I wonder? -- Capt. Jack Sparrow, Pirates of the Caribbean This email is licensed to the recipient for non-commercial use, duplication and distribution. --- signature.asc Description: Digital signature
Re: Bug#219582: ITP: linux -- Linux 2.4 kernel
On Tue, Nov 11, 2003 at 03:29:04PM +, Colin Watson wrote: Either satisfies the first part of my question, but at least your second option doesn't satisfy the second part of my question. I'll repeat: without leaving old System.map junk around for eternity When would you clean up the backups you've created? I decided I'll spend my time actualy implementing it instead of responding to this sort of trivial questions. Then you can look at the package and find the answer yourself. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: Closing. (Was: Re: Bug#219582: ITP: linux -- Linux 2.4 kernel)
On Thu, 2003-11-13 at 00:23, Zenaan Harkness wrote: On Wed, 2003-11-12 at 22:31, Robert Millan wrote: On Fri, Nov 07, 2003 at 02:37:35PM +0100, Robert Millan wrote: Package: wnpp Severity: wishlist * Package name: linux Version : 2.4.22 Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: http://www.kernel.org/pub/linux/kernel/CREDITS * URL : http://www.kernel.org/ * License : GPL Description : Linux 2.4 kernel The discussion on this ITP has reached dead end. I'm closing it. I just asked the ftp-masters to Reject my upload. This is sad to see. I hope it was for purely technical reasons. If you do decide to package linux again, be sure to let us know again. I for one _would_ appreciate having a debian-standard linux package. I actually imagine still using the current debian kernels (I have traditionally customized my kernels a lot), but I have no doubt I could get used to a standard pack... Happy packaging, Zen Just saw resubmit to -experiemental... so we'll see what comes of this... cheers zen
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
On Wed, Nov 12, 2003 at 12:36:27PM +0100, Robert Millan wrote: Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: He no longer works for transmeta. Should be changed? J -- Jesus Climent info:www.pumuki.org Unix SysAdm|Linux User #66350|Debian Developer|2.4.22|Helsinki Finland GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429 7E18 66FC 1D7F 8694 6D69 There's nothing that can't be done. --McManus (The usual suspects)
Re: Security liabilities (Re: radiusd-freeradius history and future)
On Tue, Nov 11, 2003 at 07:44:01PM -0500, Matt Zimmerman wrote: On Wed, Nov 12, 2003 at 09:18:38AM +1100, Paul Hampson wrote: On Tue, Nov 11, 2003 at 04:30:50PM -0500, Matt Zimmerman wrote: CAN-2001-1376 and CAN-2001-1377 made the rounds last Spring, with advisories from Red Hat, FreeBSD, SuSE, Conectiva, CERT, etc. These affected multiple RADIUS implementations, of which FreeRADIUS was one, and required large quantities of problematic code to be patched. The fixed FreeRADIUS was out December 2001[2], 6 days before the vendor notifications came out. A new release is nice enough for those who are installing from source and want the latest features, but this: 294 files changed, 13608 insertions(+), 2238 deletions(-) is not acceptable for a security update. True. Since I'm already being fairly hard-line about what goes into stable versions of FreeRADIUS, I don't expect to have too much trouble backporting security fixes if and when this ends up in a stable Debian release. I wholehartedly agree that a security update isn't an oportunity to upgrade stable to the latest version. I love stable because it's stable. We ship cistron, livingston/lucent, xtradius and yardradius in woody. freeradius was in unstable until recently. I'm sure they all share at least some code. Well, there's two RADIUS families there... I mentioned this in another email, and most of that knowledge comes from the descriptions of the Debian packages involved. I can't even remember whether xtradius was properly reviewed or not. Of course, we never heard from the maintainer, even in the year following the disclosure of the bugs. This is exactly the kind of situation I don't want going forward...there is so much neglected software in Debian that bugs like these sometimes go unnoticed, or even if they are noticed, the maintainer doesn't care enough about stable to let anyone know about it. Maintainers are our first line of defense against security problems, and usually the best informed about their status, and yet maintainers who actively participate in the security update process represent a minority (a valuable one). Indeed. Since I'm actively targetting stable with this package, as that's where my primary production RADIUS server is, I expect to stay clear of the category doesn't care enough about stable. I hope the six months or so I've been hammering away at the upstream debian/ directory (amongst other things) stands me in good stead for this. :-) -- --- Paul TBBle Hampson, MCSE 6th year CompSci/Asian Studies student, ANU The Boss, Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] No survivors? Then where do the stories come from I wonder? -- Capt. Jack Sparrow, Pirates of the Caribbean This email is licensed to the recipient for non-commercial use, duplication and distribution. --- signature.asc Description: Digital signature
Re: status of Progeny projects
Peter Zoeller schrieb: I have been long time user of linux and I find the greatest weakness to be the ability to easily install applications which seems to be the intent of this group. I allways found it less easy to - go to mozilla website - find the appropriate binary - download it - run the installer - answer some qeustions - delete the installer than to - apt-get install mozilla. Ciao, Eike
Re: Closing. (Was: Re: Bug#219582: ITP: linux -- Linux 2.4 kernel)
On Wed, 2003-11-12 at 22:31, Robert Millan wrote: On Fri, Nov 07, 2003 at 02:37:35PM +0100, Robert Millan wrote: Package: wnpp Severity: wishlist * Package name: linux Version : 2.4.22 Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: http://www.kernel.org/pub/linux/kernel/CREDITS * URL : http://www.kernel.org/ * License : GPL Description : Linux 2.4 kernel The discussion on this ITP has reached dead end. I'm closing it. I just asked the ftp-masters to Reject my upload. This is sad to see. I hope it was for purely technical reasons. If you do decide to package linux again, be sure to let us know again. I for one _would_ appreciate having a debian-standard linux package. I actually imagine still using the current debian kernels (I have traditionally customized my kernels a lot), but I have no doubt I could get used to a standard pack... Happy packaging, Zen
Re: radiusd-freeradius history and future
In article [EMAIL PROTECTED], Paul Hampson [EMAIL PROTECTED] wrote: Cistron begat FreeRADIUS. FreeRADIUS is certainly actively maintained upstream. xtRADIUS is also begat of Cistron. I'd assumed that Cistron is dead upstream too, and xtRADIUS active. Cistron radius is not dead. It's just in maintenance mode - only bugfixes will be made, no major new functionality. That's what freeradius is for. Mike.
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
On Wed, Nov 12, 2003 at 02:31:17PM +0100, Jesus Climent wrote: On Wed, Nov 12, 2003 at 12:36:27PM +0100, Robert Millan wrote: Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: He no longer works for transmeta. Should be changed? [EMAIL PROTECTED] is ok now. -- Francesco P. Lovergine
Re: POSIX capabilities patch
On Tue, Nov 11, 2003 at 07:11:47PM -0700, Hans Fugal wrote: In order to get realtime capabilities, jackd can be run with a suid wrapper (jackstart), instead of being run as root, if the following patch is applied to the kernel: It has implication for libcap* packages too, doesn't it? -- Francesco P. Lovergine
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
On Wed, Nov 12, 2003 at 02:31:17PM +0100, Jesus Climent wrote: On Wed, Nov 12, 2003 at 12:36:27PM +0100, Robert Millan wrote: Upstream Author : Linus Torvalds [EMAIL PROTECTED] and others, see: He no longer works for transmeta. Should be changed? s/transmeta.com/osdl.org/ J -- Jesus Climent info:www.pumuki.org Unix SysAdm|Linux User #66350|Debian Developer|2.4.22|Helsinki Finland GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429 7E18 66FC 1D7F 8694 6D69 There's nothing that can't be done. --McManus (The usual suspects) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Dios es real, a no ser que sea declarado como entero Jorge Bernal Koke http://sindominio.net/~koke/ Jabber-ID: [EMAIL PROTECTED] [EMAIL PROTECTED] || [EMAIL PROTECTED] .: www.augustux.org ::pulsar.gotdns.org:.
Re: POSIX capabilities patch
* Daniel Jacobowitz [Tue, 11 Nov 2003 at 22:18 -0500] I would want considerably more information on the security implications of allowing CAP_SETPCAP than either of those documents provides, if I were you. The POSIX capability code is notoriously subtle and prone to anger. Which is why I ask if it would not be appropriate as a Debian package. I am not a security expert, but OTOH people that want this functionality will manually patch anyway. My question is, is it appropriate to make it easier for them by creating a Debian package? -- Hans Fugal | De gustibus non disputandum est. http://hans.fugal.net/ | Debian, vim, mutt, ruby, text, gpg http://gdmxml.fugal.net/ | WindowMaker, gaim, UTF-8, RISC, JS Bach - GnuPG Fingerprint: 6940 87C5 6610 567F 1E95 CB5E FC98 E8CD E0AA D460 pgpGFaOd4AmdU.pgp Description: PGP signature
Re: POSIX capabilities patch
* Francesco P. Lovergine [Wed, 12 Nov 2003 at 14:48 +0100] It has implication for libcap* packages too, doesn't it? I would assume so. -- Hans Fugal | De gustibus non disputandum est. http://hans.fugal.net/ | Debian, vim, mutt, ruby, text, gpg http://gdmxml.fugal.net/ | WindowMaker, gaim, UTF-8, RISC, JS Bach - GnuPG Fingerprint: 6940 87C5 6610 567F 1E95 CB5E FC98 E8CD E0AA D460 pgpffCFrI3leI.pgp Description: PGP signature
Re: Common SSL CA Certificate Directory
On Tue, Nov 11, 2003 at 08:17:38PM -0600, Jerry Haltom wrote: Does Debian by Policy have a standard directory to store Certificate Authority certificates? I've run into the need to incorporate a certificate into a number of services on my system: web browsers, email clients, email servers, ldap clients, etc. Try the package `ca-certificates' -- it has a system for keeping track of such things. /* Steinar */ -- Homepage: http://www.sesse.net/
Re: gimp1.2: gimp package suggest non-free software
* Mathieu Roy wrote: Fabian Fagerholm [EMAIL PROTECTED] a tapoté : [...] Note, no mention of Suggests. No mention is not necessarily approval. It may be just something forgot. That's why Tollef suggests to discuss this on -policy. -- - nobse
Re: Bug#220363: gimp1.2: gimp package suggest non-free software
On Nov 11, 2003, at 11:00 PM, Mathieu Roy wrote: Installed the gimp, I got a message suggesting me to install gimp1.2-nonfree Discussion aside, this is a nonissue, since the gimp1.2-nonfree package is gone in unstable. I would very much like to close this bug. Does this solve this issue to your liking? Thanks very much, Ben
Re: POSIX capabilities patch
* Francesco P. Lovergine [Wed, 12 Nov 2003 at 14:48 +0100] It has implication for libcap* packages too, doesn't it? From libcap2's README.Debian: This library should be used in conjunction with the kernel patches from URL:http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.4-fcap/ (or a kernel.org mirror near you). You need to apply both the appropriate ea and fcaps patch in this order. See the README in this directory for up-to-date details. The fcaps patch appears to have the same change (and a whole lot more). The README found at the above URL states: 7. CAP_SETPCAP is no longer associated with the ability to set the capabilities of an arbitrary process. (Which was so awful a capability we're all pretty much relieved about this change.) I am not sure what precisely you can do with CAP_SETPCAP after this patch, but I imagine it just restricts which processes you can change (not just arbitrary). The arbitrary part is probably why it is disabled by default. I will investigate whether jackstart could be modified to use libcap2 with these patches. It looks like these patches require patching e2fsprogs too, though. -- Hans Fugal | De gustibus non disputandum est. http://hans.fugal.net/ | Debian, vim, mutt, ruby, text, gpg http://gdmxml.fugal.net/ | WindowMaker, gaim, UTF-8, RISC, JS Bach - GnuPG Fingerprint: 6940 87C5 6610 567F 1E95 CB5E FC98 E8CD E0AA D460 pgpI71qZx34cA.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
On Nov 12, 2003, at 1:27 AM, Mathieu Roy wrote: So you confirm what I thought (yes, I checked this page before): - the support for GIF creation inside the main gimp package, in main, has been removed in favor of a package in non-free, that provide the same functionality (plus patented compression). Matthieu, This is not the case. The GIF plugin from the main gimp source has been left completely untouched. Nothing has been removed in favor of anything. Because the gif plug-in contained code using the patented LZW algorithm, I simply split it out -- without changing it -- into a gimp1.2-nonfree package, to allow people who did not wish to deal with the patent issues to still install GIMP. The plug-in was not changed in any way. There is no plug-in for GIMP that allows gif creation without LZW compression as far as I know, and certainly not one available in the main source code. (If the gif plug-in linked with libgif, I could simply link it with libungif, but it does its own compression and would need to be re-written to use these libraries). If you still think this is an issue, please take it up with the upstream GIMP maintainers. Debian has not changed anything about the GIMP source code, only packaged its binaries in a way friendly to people who do not wish to install non-free software. As I mentioned in a response to the bug report, this is mostly a nonissue, since the LZW patent has expired in the US and I've merged the -nonfree package back into the main package in the unstable Debian distribution. Cheers, Ben
Re: Bug#220363: gimp1.2: gimp package suggest non-free software
Ben Gertzfield [EMAIL PROTECTED] a tapoté : On Nov 11, 2003, at 11:00 PM, Mathieu Roy wrote: Installed the gimp, I got a message suggesting me to install gimp1.2-nonfree Discussion aside, this is a nonissue, since the gimp1.2-nonfree package is gone in unstable. I would very much like to close this bug. Does this solve this issue to your liking? In some way, it does. Thanks. -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
Ben Gertzfield schrieb: As I mentioned in a response to the bug report, this is mostly a nonissue, since the LZW patent has expired in the US and I've merged the -nonfree package back into the main package in the unstable Debian distribution. As far as I know(*), the patent is still valid in Europe and Japan until mid 2004. Shouldn't this matter for an international project? Ciao, Eike (*) German source: http://www.heise.de/newsticker/data/atr-11.06.03-001/
Re: Bug#220289: general: make a new section: gis, for Geographic Information System packages
Hi, Debian needs a new Packages section, named gis, or perhaps geography or cartography, to prevent the mapping related packages from being scattered in sections graphics and science, and misc, etc.? as at present. I'd consider this section much too special. Why not sort out which category (science IMHO) is the right one and migrate there? How about science/geography? Simon -- GPG Fingerprint: 040E B5F7 84F1 4FBC CEAD ADC6 18A0 CC8D 5706 A4B4 signature.asc Description: Digital signature
Re: gimp1.2: gimp package suggest non-free software
On Nov 12, 2003, at 7:38 AM, Eike Sauer wrote: As far as I know(*), the patent is still valid in Europe and Japan until mid 2004. Shouldn't this matter for an international project? This is true, I believe. Whether or not the main GIMP source (distributed in main) is even allowed in Europe and Japan is another good question. How do we deal with this situation for other source projects that contain things like encryption that are outlawed in countries X, Y, and Z but OK in the US? The GIMP upstream authors have repeatedly shown no interest in this; plug-ins/common/gif.c contains code straight from 'compress'. Ben
Re: Bug#219959: ITP: mozilla-locale-eu -- Mozilla Basque Language Package
On Tue, Nov 11, 2003 at 04:59:45PM -0500, Joe Drew wrote: The mozilla-locale* packages need some uniformity to their short (and maybe long, I haven't looked) descriptions. (Mozilla $LANG Language Package, Mozilla $LANG language add-on, Mozilla $LANG language/region pack are all examples) I suggest Mozilla $LANG language support package, perhaps without support. I'll change the description if you manage to get everyone to accept this one :) A better generic long description for all the packages would be nice too. Jordi -- Jordi Mallach Pérez -- Debian developer http://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.sindominio.net/ GnuPG public key information available at http://oskuro.net/~jordi/ signature.asc Description: Digital signature
Re: Bug#219942: ITP: zope-textindexng2 -- Fulltext index for Zope
On Wed, 12 Nov 2003, Igor Stroh wrote: How about mentioning ZCatalog in some way? Any suggestions to enhance my latest version: This is the new full text index for Zope objects and is the most feature-complete solution for full text indexing under Zope. . TextIndexNG will live happily as pluggable index beneath all other existing Zope indexes. TextIndexNG is not supposed to be a replacement for the existing TextIndex. It will be an additional index. . Supported Formats: HTML, PDF, Postscript, WinWord, PowerPoint, OpenOffice Thanks for the hints Andreas. -- Sie schaffen eine Wüste und nennen es Frieden. -- Publius Cornelius Tacitus (55-120)
Re: radiusd-freeradius history and future
On Thu, Nov 13, 2003 at 12:19:02AM +1100, Paul Hampson wrote: On Wed, Nov 12, 2003 at 02:07:27AM +0100, Javier Fernández-Sanguino Peña wrote: Maybe I'm mistaken, but the rpm spec file seems to use a 'radiusd' user whileas the Debian rules package does not. I would be more confident with the package if it was built this way. At least a security problem in its code (if found) would lead to a remote 'radiusd' compromise (but not 'root') an important difference. I don't know what debian/rules file you're looking at, since the bug report in the DBS relating to this has my patch to fix it, and both the current stable and unstable debian/ filesets do not run as root. You are right. It does adduser freerad shadow on first installation, but not after that (on the advice of Steve Langasek) to allow the local authentication code to work, and to give the admin the freedom to disable this for added security if they're not using the local authentication code. Yes, I missed the 'adduser' calls in postinst. In any case, it would be nice if, instead of 'freerad' a generic 'radiusd' user was used so that it could be shared by different radius packages. Not that one would want to install different Radius servers and share the users file, but just for consistency and to avoid having multiple 'freerad', 'cistronrad', 'livingston' users. It might help if you have a cluster of servers and want ot have uniform usernames between them (even if running different implementations). Just a thought (maybe worthless) Regards Javi
Re: gimp1.2: gimp package suggest non-free software
Eike Sauer [EMAIL PROTECTED] a tapoté : Ben Gertzfield schrieb: As I mentioned in a response to the bug report, this is mostly a nonissue, since the LZW patent has expired in the US and I've merged the -nonfree package back into the main package in the unstable Debian distribution. As far as I know(*), the patent is still valid in Europe and Japan until mid 2004. Shouldn't this matter for an international project? As far I know, there are still no patent for software in Europe, whatever an European institution know to fail to comply to European rules may do. -- Mathieu Roy +-+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +-+
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 12:41:10PM +0100, Roberto Suarez Soto wrote: Sure, keep lowering the quality of Debian in matter of freedom, there's no matter discussing that. I don't see how making more packages available to our users is lowering the quality of Debian in matter of freedom. Oh, you think there's a positive correlation between quality and quantity, do you? ;) -- Steve Langasek postmodern programmer pgpOY2MWPZG2R.pgp Description: PGP signature
Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 03:36:40PM +1100, Russell Coker wrote: On Wed, 12 Nov 2003 13:47, Matt Zimmerman wrote: [...] unix_chkpwd is a reasonable solution to this. One possible solution to this is to have a special GID for non-root programs which are allowed to check passwords. I would be happy to code this if someone else wants to do the testing... We already have such a group, named shadow. In fact, I don't know why unix_chkpwd is setuid root rather than setgid shadow. Bug report #155583 has been open for over a year. I have repeated the tests of Lee and Robert and verified that it works fine as SETGID rather than SETUID. Also I believe that Lee's statement regarding NIS is incorrect, unix_chkpwd only does /etc/shadow. testing. You are wrong, unix_chkpwd does NIS (at least in the szenario I just tested). After changing unix_chkpwd from 4755 root:root to 2755 root:shadow a NIS user can not unlock the terminal he has just locked himself with vlock anymore. The NIS-server is configured with * : * : shadow.byname: port * : * : passwd.adjunct.byname : port and MERGE_PASSWD=false cu andreas
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
* Package name: linux-experimental I really don't care either way, but would you consider using kernel-linux-whatever instead? Just for consistency's sake. As someone else said, eventually there will be a kernel-freebsd or kernel-netbsd, and having an uniform scheme to call these things would be nice. -- Marcelo
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 12:10:02PM +0100, Mathieu Roy wrote: Apparently you forget about a specific part of the Social Contract. (Our Priorities are Our Users and Free Software...) I have a creepy feeling that you are not wearing a user hat but rather a hat of an organisation with a specific agenda. The current compromise of splitting gimp/gimp-nonfree is not ideal, but it's temporary measure anyway.. . And given that you appear to have a religious objection Does this assertion have any ground? Nobody but a religous nut would claim that providing a Suggests: link to software that is free (except for some parts of world) is evil. Sure, keep lowering the quality of Debian in matter of freedom, there's no matter discussing that. Sure, keep lowering the quality of debian-devel mailing list in matter or signal/noise ratio, If everyone of the 1784 list members used 1 minute reading your rants, we've just lost 4 workdays of creating a better debian. Please provide patches, not flames. Some contructive suggestions: 1) Eat some icecream and cool down. 2) Just wait until dust settles around lzw. 3) Add non-lzw gif saving support to gimp. 4) Patch apt-listchanges so that id doesn't mail about suggestions on packages that are not available. -- Riku Voipio|[EMAIL PROTECTED] | kirkkonummentie 33 |+358 40 8476974 --+-- 02140 Espoo| | dark A bad analogy is like leaky screwdriver |
Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 05:23:09PM +0100, Javier Fernández-Sanguino Peña wrote: It does adduser freerad shadow on first installation, but not after that (on the advice of Steve Langasek) to allow the local authentication code to work, and to give the admin the freedom to disable this for added security if they're not using the local authentication code. Yes, I missed the 'adduser' calls in postinst. In any case, it would be nice if, instead of 'freerad' a generic 'radiusd' user was used so that it could be shared by different radius packages. Not that one would want to install different Radius servers and share the users file, but just for consistency and to avoid having multiple 'freerad', 'cistronrad', 'livingston' users. Are you kidding? And link the security of freeradius processes to that of those old, crufty, scary packages? ;) [Over the years, I've had occasion to use each of these RADIUS implementations. While Livingston RADIUS is the granddaddy of them all, I don't think it ever got much peer review except in the form of forks -- like Cistron. And while Cistron was good at the time, and I trust Miquel's abilities, the security bar has been moved significantly from where it was when the freeradius reimplementation began.] -- Steve Langasek postmodern programmer pgpG6eB480LDx.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
On Wed, 12 Nov 2003 10:27:10 +0100, Mathieu Roy [EMAIL PROTECTED] said: Fabian Fagerholm [EMAIL PROTECTED] a tapoté : On Wed, 2003-11-12 at 10:53, Mathieu Roy wrote: Suggests are ok, Recommends and Depends are not ok. If you disagree with this, please discuss it on -policy, it's not a technical discussion. 1) Do you have a pointer that give that information in the debian policy? http://www.debian.org/doc/debian-policy/ch-archive.html#s-main ...the packages in main * must not require a package outside of main for compilation or execution (thus, the package must not declare a Depends, Recommends, or Build-Depends relationship on a non-main package), ... Note, no mention of Suggests. No mention is not necessarily approval. It may be just something forgot. Policy does not work that way. It is never meant to be exhaustive; if something is not mentioned in policy, it is up to the maintainers discretion. If you think that policy needs to be modified, filing bugs against unrelated packages is not the way to go. There is a well defined process for modifying policy, please use those mechanisms (since, unlike filing random bugs, following the prescribed procedures actually has a chance of getting policy changed). manoj -- Annex Canada now! We need the room, and who's going to stop us? A Tom Neff .signature Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 09:25:23AM +0100, Mathieu Roy wrote: Do you really think that I'm the only person to find UNACCEPTABLE that a package in mail suggests packages in non-free, which ARE NOT PART OF DEBIAN? Packages are free to suggest whatever the maintainer wishes; I wouldn't even consider it a particularly serious bug if the suggested package did not exist at all. If this really bothers you, write the two-line patch for apt-get to have it suppress display of suggested/recommended packages that are not available with your list of sources, and submit it as a wishlist bug against apt. Since you presumably do not have any non-free sources in your sources.list, this would prevent you from seeing these packages. -- - mdz
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
On Wed, Nov 12, 2003 at 11:26:26AM -0600, Marcelo E. Magallon wrote: * Package name: linux-experimental I really don't care either way, but would you consider using kernel-linux-whatever instead? Just for consistency's sake. As someone else said, eventually there will be a kernel-freebsd or kernel-netbsd, and having an uniform scheme to call these things would be nice. Seconded. -- Chad Walstrom [EMAIL PROTECTED] http://www.wookimus.net/ assert(expired(knowledge)); /* core dump */ pgpjaebHxN0C9.pgp Description: PGP signature
Re: Security liabilities (Re: radiusd-freeradius history and future)
On Tue, Nov 11, 2003 at 07:44:01PM -0500, Matt Zimmerman wrote: This is exactly the kind of situation I don't want going forward...there is so much neglected software in Debian that bugs like these sometimes go unnoticed, or even if they are noticed, the maintainer doesn't care enough about stable to let anyone know about it. Maintainers are our first line of defense against security problems, and usually the best informed about their status, and yet maintainers who actively participate in the security update process represent a minority (a valuable one). While I also deplore the general lack of support package maintainers provide to the Security Team, given that there are several DDs tracking freeradius upstream (including, at last glance, at least one member of the Security Team), I have a hard time believing this particular package will be a problem. Given that my own interest in this package comes from a desire to reduce the number of packages I maintain locally, ensuring the security of the Debian packages implicitly becomes part of my day job. ;) -- Steve Langasek postmodern programmer pgp1OTQMAvmQs.pgp Description: PGP signature
Re: gimp1.2: gimp package suggest non-free software
Mathieu Roy schrieb: As far I know, there are still no patent for software in Europe, whatever an European institution know to fail to comply to European rules may do. Neither GIF nor LZW is software, though. The patent is about the LZW compression algorithm. Ciao, Eike
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
On Wed, Nov 12, 2003 at 11:26:26AM -0600, Marcelo E. Magallon wrote: * Package name: linux-experimental I really don't care either way, but would you consider using kernel-linux-whatever instead? I considered it, but it's redundant and unnecessary. I'll stick with the name choosed by upstream. Just for consistency's sake. As someone else said, eventually there will be a kernel-freebsd or kernel-netbsd, and having an uniform scheme to call these things would be nice. There's no consistency in that, since FreeBSD and NetBSD are not kernels. -- Robert Millan [..] but the delight and pride of Aule is in the deed of making, and in the thing made, and neither in possession nor in his own mastery; wherefore he gives and hoards not, and is free from care, passing ever on to some new work. -- J.R.R.T, Ainulindale (Silmarillion)
Re: gimp1.2: gimp package suggest non-free software
Ben Gertzfield schrieb: good question. How do we deal with this situation for other source projects that contain things like encryption that are outlawed in countries X, Y, and Z but OK in the US? Establish non-non-US? ;o) Ciao, Eike
Re: Bug#220289: general: make a new section: gis, for Geographic Information System packages
Hi! Simon Richter schrieb: How about science/geography? Establishing subsections? Or as a section name? Either way, we should use science/math, science/pysics, science/biology, science/whatever... as well then. I think geographyco neatly fits into the current science section. Ciao, Eike
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 07:37:58PM +0200, Riku Voipio wrote: 4) Patch apt-listchanges so that id doesn't mail about suggestions on packages that are not available. apt-listchanges neither knows nor cares about suggests or recommends. -- - mdz
Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 08:35:53AM +1100, Paul Hampson wrote: On Tue, Nov 11, 2003 at 03:23:24PM -0600, Steve Langasek wrote: On Wed, Nov 12, 2003 at 08:00:40AM +1100, Paul Hampson wrote: PostgreSQL requires license changes, and I've not had much luck buiding impetus for this, nor even identified an exact change that would be needed. As an aside, it should be possible to connect freeradius to a postgresql server using the ODBC module, which is included in the packages (but not as a separate binary package, the way the mysql and postgresql are -- Paul?) This will obviously cause at least a slight performance hit, but it may meet the needs of some users. (We log to mysql here, so.) And excellent point, which I'll make sure to add to the Readme. I'm including the PostgreSQL example DB in the package's docs, so that should work all OK. I've been splitting out ODBC support locally since the very beginning, but everytime I mooted it, Wichert Akkerman (amongst others, but he was at the time gatekeeper to the debian/ dir in CVS, if you're wondering why I keep invoking him) disagreed on the grounds of archive bloat, since rlm_sql_iodbc only pulls in the one package (libiodbc2). And rlm_sql_mysql only pulls in libmysqlclient10, and rlm_krb5 only pulls in libkrb53. :) These dependencies should be regarded with parity. I also promised that I would address _that_ once it was in the archive. :-) My personal inclination is to micro-packages, but I _like_ installing packages. :-) I'm personally rather indifferent on the question. Embedded systems developers and ftp masters are known to have stronger opinions. (I have a strange sense that my TODO list is starting to grow to match my available time... :-) You'll have that... -- Steve Langasek postmodern programmer pgpoM0JMHKExl.pgp Description: PGP signature
Re: Bug#215103: ITP: gmasqdialer -- gtk/gnome client for masqdialer server
On Fri, 2003-10-10 at 21:04, Joe Drew wrote: Description : gtk/gnome client for masqdialer server How about client for masqdialer? The problem with calling it just that is there are many more clients for masqdialer than just this one, like the qt/kde client, the cli client, the java client, which may be packaged in the future. The major difference between these clients are the toolkits/desktop environments they are designed for. GMasqdialer provides a GNOME/GTK client for the Masqdialer system. The Which is it, GTK only or GNOME? It originally had GNOME panel support, but that is currently removed for the gtk2 port. I believe there are plans to restore this functionality in the future. I would have no problem with removing GNOME until/if it becomes a GNOME application again. My currently built package (for woody at the moment) has the following: Depends: libatk1.0-0 (= 1.0.1), libc6 (= 2.2.4-4), libglib2.0-0 (= 2.0.1), libgtk2.0-0 (= 2.0.2), libpango1.0-0 (= 1.0.1) So it doesn't look like the current package is using the Gnome libraries at all. You might want to define what a 'masquerade box' is. How about appending the, rather good I think, description from the masqdialer package: Description: gtk client for masqdialer This package contains a gtk masqdialer client for debian. The masqdialer system is designed to provide easily accessible control of multiple dialout modem connections to the members of a LAN using IP Masquerade for their internet connectivity.
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
Robert Millan wrote: There's no consistency in that, since FreeBSD and NetBSD are not kernels. Robert, your (frankly autistic) worldview worries me. What do you believe would be in a freebsd-kernel or netbsd-kernel package? What do you believe would be in a linux-kernel package? When someone says Linux, do you think they generally mean something massively different to when they say NetBSD? We occasionally alter package names from upstream in order to make it clearer what the package contains. Even if they're wrong, it is common usage to use linux to describe the OS. People I know who do use the GNU/Linux phrase to refer to the OS continue to talk about the Linux kernel in order to reduce confusion. The image associated with apt-get install linux is one of getting an entire OS, not a kernel. It's not a massively important issue, but given your earlier statements about desire for consistency, it would seem to make sense to keep the package names consistent across the ports. -- Matthew Garrett | [EMAIL PROTECTED]
Re: ftpmaster accepts packages that have been rejected a few days ago
On Tue, Nov 11, 2003 at 11:29:07AM +, Daniel Silverstone wrote: We have procedures in place to handle all this, perhaps it's time you learnt to use those, instead of whining about things which aren't even the case. No way, man. We simply have to have people repeat the same fodder on debian-devel over and over again. The three hundred odd mails per day from the new fodder just aren't enough! -- 2. That which causes joy or happiness.
Re: Closing. (Was: Re: Bug#219582: ITP: linux -- Linux 2.4 kernel)
On Thu, Nov 13, 2003 at 12:23:44AM +1100, Zenaan Harkness wrote: I for one _would_ appreciate having a debian-standard linux package. kernel-source-*, kernel-image-*, kernel-headers-* -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -- | signature.asc Description: Digital signature
Re: gimp1.2: gimp package suggest non-free software
On Wed, 12 Nov 2003, Mathieu Roy wrote: 2) Do you have any valid proof of what you claim? Please, avoid being a liar, this is a very bad attitude. Keep your personal feeling out of this mailing-list, I do not give a toss about it and I think that noone else does. A liar? You have a very slant view on life. It's much better to say you are mistaken or you are misinformed then to call someone a liar. Because you have said it this way, it looks badly on you, no matter what the other person has done.
Re: gimp1.2: gimp package suggest non-free software
On Wed, 12 Nov 2003, Mathieu Roy wrote: I think this is a serious bug: the functionality of the free version has been lowered to promote patent emcumbered package. Patented software isn't really non-free. Search the list archives.
Re: gimp1.2: gimp package suggest non-free software
On Wed, Nov 12, 2003 at 01:28:20PM -0500, Matt Zimmerman wrote: On Wed, Nov 12, 2003 at 09:25:23AM +0100, Mathieu Roy wrote: Do you really think that I'm the only person to find UNACCEPTABLE that a package in mail suggests packages in non-free, which ARE NOT PART OF DEBIAN? Packages are free to suggest whatever the maintainer wishes; I wouldn't even consider it a particularly serious bug if the suggested package did not exist at all. Anyone else up for putting a Suggests: on 'mathieu-roy-is-a-nitwit' in their packages? Variations in package name will, of course, be acceptable also. g I've alternated between bemusement and incredulity at Mathieu's frothings (past and present), but this one is probably one of the more... frothy? for want of a better word. It doesn't really show you at your best, mate. Consider a less stressful job or something. - Matt
sarge release
I apologise if this is covered elsewhere, I am currently totally swamped and can't afford too much time for Debian. I am going to be away from my machine(s) starting 22 Nov until the middle of December. I currently have 1 RC bug and several other bugs against my packages. If sarge's release will happen in 2003, I will bite the bullet and fix these bugs over the next couple of days. However, if sarge's release is delayed till 2004, I would be a lot saner if I didn't have to worry about Debian right now. What's the status? Thanks, -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft [EMAIL PROTECTED] : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgpCe9g3JrV5f.pgp Description: PGP signature
Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
Hi Robert, On Wed, Nov 12, 2003 at 07:23:35PM +0100, Robert Millan wrote: On Wed, Nov 12, 2003 at 11:26:26AM -0600, Marcelo E. Magallon wrote: * Package name: linux-experimental I really don't care either way, but would you consider using kernel-linux-whatever instead? I considered it, but it's redundant and unnecessary. I'll stick with the name choosed by upstream. Did you consider ease of finding alternative packages through the normal UI like dselect and aptitude? I, for one, appreciate similar things to exist next to each other. Just for consistency's sake. As someone else said, eventually there will be a kernel-freebsd or kernel-netbsd, and having an uniform scheme to call these things would be nice. There's no consistency in that, since FreeBSD and NetBSD are not kernels. Well all port part of user space progrms are not kernel. But I thought they have their own kernel and have some linux binary compatibility mode. (I do not know how binary compatibility works here.) Anyway, to me, CDBS package is a very good direction. I am looking forward to it. Osamu PS: Relax. All comments you got on this thread seems very friendly.