Re: logging out a ssh-user

2003-07-29 Thread Mark Brown
On Tue, Jul 29, 2003 at 05:02:53PM +0100, Colin Watson wrote:

> Yeah, I know, but let's pretend I mean 'fixed-upstream' or some
> yet-to-be-added tag.

What, you mean like the way the pending tag often seems to get used :) .

> > Besides, that doesn't help the default bug list :) .

> I'm not *overly* bothered about that, to be honest ...

Is there an interface for configuring the sorting order the BTS uses
when displaying results?  

-- 
"You grabbed my hand and we fell into it, like a daydream - or a fever."




Re: logging out a ssh-user

2003-07-29 Thread Chris Halls
On Tue, Jul 29, 2003 at 11:35:01AM +0200, Matthias Urlichs wrote:
> > In my particular case (gforge), I'll have to hack around the
> > no-binary-in-diff limitation of dpkg-source.  I work in the same
> > repository as upstream, and some images were changed.
> 
> Ugly. The best idea I have about that is to affix a .0.1 to the upstream
> version number and to upload a new .orig.tar.gz.


With a very large upstream .orig.tar.gz I would not be very popular with
everyone if I did this for openoffice every time :)

I added support in the dbs for openoffice to uudecode a patch file with the
extension .uu before applying it.  I talked to Jeff Bailey at debconf about
supporting this in cdbs too. (Bug #202389)

Chris


pgpDAvHf3vxCQ.pgp
Description: PGP signature


Re: logging out a ssh-user

2003-07-29 Thread Colin Watson
On Tue, Jul 29, 2003 at 04:14:19PM +0100, Mark Brown wrote:
> On Tue, Jul 29, 2003 at 03:05:12PM +0100, Colin Watson wrote:
> > On Tue, Jul 29, 2003 at 02:52:19PM +0100, Mark Brown wrote:
> > > The upstream tag doesn't help with filtering out uninteresting
> > > bugs from the default bug list.
> 
> > Add '&exclude=upstream' to the URL?
> 
> Not really.  The reason it doesn't help is that the semantics of the
> upstream tag aren't those that are needed for filtering out bugs that
> have been dealt with (which is the kind of uninteresting we're talking
> about here).

Yeah, I know, but let's pretend I mean 'fixed-upstream' or some
yet-to-be-added tag.

> Besides, that doesn't help the default bug list :) .

I'm not *overly* bothered about that, to be honest ...

Cheers,

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-29 Thread Mark Brown
On Tue, Jul 29, 2003 at 03:05:12PM +0100, Colin Watson wrote:
> On Tue, Jul 29, 2003 at 02:52:19PM +0100, Mark Brown wrote:

> > The upstream tag doesn't help with filtering out uninteresting bugs from
> > the default bug list.

> Add '&exclude=upstream' to the URL?

Not really.  The reason it doesn't help is that the semantics of the
upstream tag aren't those that are needed for filtering out bugs that
have been dealt with (which is the kind of uninteresting we're talking
about here).  Bugs that are worth looking at could obviously be tagged
as upstream.  Similarly, non-upstream bugs might be fixed in development
packaging but not uploaded for whatever reason.

Besides, that doesn't help the default bug list :) .

-- 
"You grabbed my hand and we fell into it, like a daydream - or a fever."




Re: logging out a ssh-user

2003-07-29 Thread Colin Watson
On Tue, Jul 29, 2003 at 02:52:19PM +0100, Mark Brown wrote:
> On Tue, Jul 29, 2003 at 02:47:38PM +0200, Matthias Urlichs wrote:
> > Hi, Matt Zimmerman wrote:
> > > Because it is fixed in upstream CVS and I have not merged the patch into
> > > the Debian package,
> 
> > If it's fixed in the next upstream release I would also set the Upstream
> > tag.
> 
> The upstream tag doesn't help with filtering out uninteresting bugs from
> the default bug list.

Add '&exclude=upstream' to the URL?

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-29 Thread Colin Watson
On Tue, Jul 29, 2003 at 02:47:38PM +0200, Matthias Urlichs wrote:
> Hi, Matt Zimmerman wrote:
> > or because I have other changes pending which are incomplete.
> 
> Personally, I deal with that by cvs-or-whatever-ing a new working
> tree, or (for more complex changes) there's branching.

That really isn't always feasible, honestly ... in my experience, some
changes are too complex to be worth backporting. It's fine for simple
fixes but that doesn't cover everything.

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-29 Thread Mark Brown
On Tue, Jul 29, 2003 at 02:47:38PM +0200, Matthias Urlichs wrote:
> Hi, Matt Zimmerman wrote:

> > Because it is fixed in upstream CVS and I have not merged the patch into
> > the Debian package,

> If it's fixed in the next upstream release I would also set the Upstream
> tag.

The upstream tag doesn't help with filtering out uninteresting bugs from
the default bug list.  Marking things as forwarded does but that doesn't
help with the filtering and would be a pretty gross thing to do for bugs
that are pending.

-- 
"You grabbed my hand and we fell into it, like a daydream - or a fever."




Re: logging out a ssh-user

2003-07-29 Thread Matt Zimmerman
On Tue, Jul 29, 2003 at 02:47:38PM +0200, Matthias Urlichs wrote:

> Hi, Matt Zimmerman wrote:
> 
> > Because it is fixed in upstream CVS and I have not merged the patch into
> > the Debian package,
> 
> If it's fixed in the next upstream release I would also set the Upstream
> tag.

The upstream tag is abused enough (especially by bug submitters) that it is
practically useless at this point.

> > or because I have other changes pending which are incomplete.
> 
> Personally, I deal with that by cvs-or-whatever-ing a new working tree, or
> (for more complex changes) there's branching.

If I am in the process of completing some medium-to-large-scale
restructuring or something in my working directory, and someone reports a
bug with severity <= normal, I just merge in the fix and don't waste time
with multiple trees or anything else.  I would only bother with that sort of
thing for an important bug.  Branching, especially, is overkill for nearly
all situations, and a maintenance headache.

-- 
 - mdz




Re: logging out a ssh-user

2003-07-29 Thread Matthias Urlichs
Hi, Matt Zimmerman wrote:

> Because it is fixed in upstream CVS and I have not merged the patch into
> the Debian package,

If it's fixed in the next upstream release I would also set the Upstream
tag.

> or because I have other changes pending which are incomplete.

Personally, I deal with that by cvs-or-whatever-ing a new working tree, or
(for more complex changes) there's branching.

You're free to work the way you work best, of course. For me, however, a
new bug tag for "long-term-pending" would feel like a cheap excuse for not
being organized enough to keep my bugfixes straightened out. (Umm, I think
I need to emphasize that this is me personally, and not to be construed as
a put-down on anybody. OK?)

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
Today is the first day of the rest of the mess.




Re: logging out a ssh-user

2003-07-29 Thread Matt Zimmerman
On Tue, Jul 29, 2003 at 10:06:54AM +0200, Matthias Urlichs wrote:

> > I have done this as well, as I want these bugs out of my face because the
> > are already fixed.  'pending' is my standard "make it go away because it
> > has already been dealt with" tag.
> 
> OK, but IMHO it's a good idea to get bugfixes out to the users reasonably
> fast so that they can check if the bug really is fixed. To that end, if
> you really have dealt with the bug, why not upload the package?

Because it is fixed in upstream CVS and I have not merged the patch into the
Debian package, or because I have other changes pending which are
incomplete.  As others have suggested, it might be good to have a separate
tag for the former situation.

-- 
 - mdz




Re: logging out a ssh-user

2003-07-29 Thread Colin Watson
On Tue, Jul 29, 2003 at 10:06:54AM +0200, Matthias Urlichs wrote:
> Hi, Matt Zimmerman wrote:
> > I have done this as well, as I want these bugs out of my face
> > because the are already fixed.  'pending' is my standard "make it go
> > away because it has already been dealt with" tag.
> 
> OK, but IMHO it's a good idea to get bugfixes out to the users
> reasonably fast so that they can check if the bug really is fixed. To
> that end, if you really have dealt with the bug, why not upload the
> package?

Upstream CVS isn't always releasable immediately. I know I've dealt with
#168442/#177539 in upstream CVS, for instance. However, that repository
also happens to contain random other stuff which hasn't stabilized yet,
and I don't think trying to backport a complete reorganization of how
man handles locale encodings is a terribly stable thing to do. Thus, I
want to express the fact that I've dealt with the bug for the sake of my
own organization without necessarily promising to upload Real Soon Now.

(Certainly I should do more work to get man-db 2.4.2 out, but to some
extent that's a different matter.)

Cheers,

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-29 Thread Matthias Urlichs
Hi, Roland Mas wrote:

> In my particular case (gforge), I'll have to hack around the
> no-binary-in-diff limitation of dpkg-source.  I work in the same
> repository as upstream, and some images were changed.

Ugly. The best idea I have about that is to affix a .0.1 to the upstream
version number and to upload a new .orig.tar.gz.  (Assuming that upstream
won't do a new release soon.)

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
This neurotic pursuit of sanity is driving us all crazy.
-- Solomon Short




Re: logging out a ssh-user

2003-07-29 Thread Roland Mas
Matthias Urlichs (2003-07-29 10:06:54 +0200) :

> OK, but IMHO it's a good idea to get bugfixes out to the users
> reasonably fast so that they can check if the bug really is
> fixed. To that end, if you really have dealt with the bug, why not
> upload the package?

In my particular case (gforge), I'll have to hack around the
no-binary-in-diff limitation of dpkg-source.  I work in the same
repository as upstream, and some images were changed.  I suppose I'll
have to start working on a branch to be protected from such things,
but before I do that (totally unrelated) thing I can't upload a fixed
package even though the bugs are fixed in the CVS.

Roland.
-- 
Roland Mas

A man walks into a bar.
Bang.




Re: logging out a ssh-user

2003-07-29 Thread Matthias Urlichs
Hi, Matt Zimmerman wrote:

> I have done this as well, as I want these bugs out of my face because the
> are already fixed.  'pending' is my standard "make it go away because it
> has already been dealt with" tag.

OK, but IMHO it's a good idea to get bugfixes out to the users reasonably
fast so that they can check if the bug really is fixed. To that end, if
you really have dealt with the bug, why not upload the package?

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
Understanding is always the understanding of a smaller problem
in relation to a bigger problem.
-- P.D. Ouspensky




Re: logging out a ssh-user

2003-07-28 Thread Matt Zimmerman
On Sun, Jul 27, 2003 at 04:44:44PM +0100, Colin Watson wrote:

> On Sun, Jul 27, 2003 at 04:45:33PM +0200, Matthias Urlichs wrote:
> > It's also tagged "pending" since May... Matthew, do you need a
> > co-maintainer for ssh? 
> 
> Matthew's *got* a co-maintainer for ssh, as a cursory check of the
> changelog would have revealed. Hello.
> 
> ISTR that I tagged that bug pending because it was fixed in upstream CVS
> and that was a handy way to separate it out. I suppose I shouldn't do
> that really.

I have done this as well, as I want these bugs out of my face because the
are already fixed.  'pending' is my standard "make it go away because it has
already been dealt with" tag.  Maybe we need a new tag?

-- 
 - mdz




Re: logging out a ssh-user

2003-07-27 Thread Michael Banck
On Sun, Jul 27, 2003 at 07:45:47PM +0100, Colin Watson wrote:
> I admit I wasn't very clear about why I tagged it pending. I think we
> probably need a 'fixed-upstream' tag or similar now that pending is more
> explicitly reserved for "upload will happen soon".

I second that.


Michael

-- 
"The discussion did NOT turn to a flameware, mostly because
french-speaking people are really polite people, as you probably know
if you have ever driven in the Paris area.. :-)"
-- Christian Perrier




Re: logging out a ssh-user

2003-07-27 Thread Colin Watson
On Sun, Jul 27, 2003 at 08:00:05PM +0200, Matthias Urlichs wrote:
> Hi, Colin Watson wrote:
> > Matthew's *got* a co-maintainer for ssh, as a cursory check of the
> > changelog would have revealed. Hello.
> 
> I checked the bug page, which says the maintainer is Matthew.

Unfortunately the BTS isn't really in a position to know about
Uploaders: fields at the moment. If you follow the link to the PTS
you'll see a "Co-Maintainers" entry, though.

> I'll remember to also check the changelog next time, thanks. (Seriously.)
> 
> Anyway, if you think it's OK to have 80 open bugs on one package (not
> counting minor+wishlist) ... well, personally I wouldn't want that, but
> it's your package and it seems to work reasonably well otherwise, so I
> guess I'll shut up now.

I certainly don't like having that many open bugs, but since the package
is being actively uploaded it would probably be more helpful if you
could help triage them rather than asking about the package's
maintenance ... Darren Tucker (part of OpenSSH upstream) is doing that
and it's very useful.

Also, openssh is one of those packages that tends to attract a lot of
upstream bugs which aren't realistically fixable in Debian as well as
bugs that basically can't or won't be fixed, and it's inherently rather
complex too. Still, the overall bug count was more like 280 this time
last year.

> > ISTR that I tagged that bug pending because it was fixed in upstream CVS
> > and that was a handy way to separate it out. I suppose I shouldn't do
> > that really.
> 
> I wouldn't have said anything if the bug had noted that.

Darren said that it was fixed upstream in
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=164797&msg=13, although
I admit I wasn't very clear about why I tagged it pending. I think we
probably need a 'fixed-upstream' tag or similar now that pending is more
explicitly reserved for "upload will happen soon".

Cheers,

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-27 Thread Matthias Urlichs
Hi, Colin Watson wrote:

> Matthew's *got* a co-maintainer for ssh, as a cursory check of the
> changelog would have revealed. Hello.

I checked the bug page, which says the maintainer is Matthew.
I'll remember to also check the changelog next time, thanks. (Seriously.)

Anyway, if you think it's OK to have 80 open bugs on one package (not
counting minor+wishlist) ... well, personally I wouldn't want that, but
it's your package and it seems to work reasonably well otherwise, so I
guess I'll shut up now.

> ISTR that I tagged that bug pending because it was fixed in upstream CVS
> and that was a handy way to separate it out. I suppose I shouldn't do
> that really.

I wouldn't have said anything if the bug had noted that. In that case I
don't have a problem with a multi-week "pending" status.

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
I think I'll make SCRAMBLED EGGS!!  They're each in LITTLE SHELLS...
-- Zippy the Pinhead




Re: logging out a ssh-user

2003-07-27 Thread Colin Watson
On Sun, Jul 27, 2003 at 04:45:33PM +0200, Matthias Urlichs wrote:
> Hi, Bernd Eckenfels wrote:
> > On Sun, Jul 27, 2003 at 10:30:07AM +0200, Matthias Urlichs wrote:
> >> Wrong, actually. ssh forks twice before spawning a shell (I don't know
> >> why);
> > 
> > I think it is related to the priveledge separation code.
> 
> Probably. It's still a bug. #164797, actually, which is a _bit_ hard to
> find among the 200 open bugs ssh has.  :-/

Fixed in openssh 1:3.6.1p2-4, making its way through incoming now.

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-27 Thread Colin Watson
On Sun, Jul 27, 2003 at 04:45:33PM +0200, Matthias Urlichs wrote:
> It's also tagged "pending" since May... Matthew, do you need a
> co-maintainer for ssh? 

Matthew's *got* a co-maintainer for ssh, as a cursory check of the
changelog would have revealed. Hello.

ISTR that I tagged that bug pending because it was fixed in upstream CVS
and that was a handy way to separate it out. I suppose I shouldn't do
that really.

-- 
Colin Watson  [EMAIL PROTECTED]




Re: logging out a ssh-user

2003-07-27 Thread Matthias Urlichs
Hi, Bernd Eckenfels wrote:

> On Sun, Jul 27, 2003 at 10:30:07AM +0200, Matthias Urlichs wrote:
>> Wrong, actually. ssh forks twice before spawning a shell (I don't know
>> why);
> 
> I think it is related to the priveledge separation code.
> 
Probably. It's still a bug. #164797, actually, which is a _bit_ hard to
find among the 200 open bugs ssh has.  :-/

Also at http://bugzilla.mindrot.org/show_bug.cgi?id=560 (which seems to be
unreachable at the moment).

It's also tagged "pending" since May... Matthew, do you need a
co-maintainer for ssh? 

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
love, n.:
When it's growing, you don't mind watering it with a few tears.




Re: logging out a ssh-user

2003-07-27 Thread Bernd Eckenfels
On Sun, Jul 27, 2003 at 10:30:07AM +0200, Matthias Urlichs wrote:
> Wrong, actually. ssh forks twice before spawning a shell (I don't know
> why);

I think it is related to the priveledge separation code.

Greetings
Bernd
-- 
  (OO)  -- [EMAIL PROTECTED] --
 ( .. )  [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/
  o--o *plush*  2048/93600EFD  [EMAIL PROTECTED]  +497257930613  BE5-RIPE
(OO)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!




Re: logging out a ssh-user

2003-07-27 Thread Dennis Stampfer
On Sun, Jul 27, 2003 at 09:47:29AM +0200, Norbert Tretkowski wrote:
> * Dennis Stampfer <[EMAIL PROTECTED]> wrote:
> > I have to log out a user who is logged in via ssh.
> 
> ,
> | % apt-cache show slay

Sure, but I can't fix a bug by saying "use slay instead of this
package"... ;)

Dennis




Re: logging out a ssh-user

2003-07-27 Thread Matthias Urlichs
Hi, Dennis Stampfer wrote:

> If he's logged in via telnet, I can do the job by killing that pid.  That
> does not work with ssh: For some reason, all what I get out of utmp is 
> the pid of the listening sshd which I can't kill if I don't want to 
> disable ssh-logins.

Wrong, actually. ssh forks twice before spawning a shell (I don't know
why); the child puts its PID into utmp, and the grandchild controls the
communication and spawns the login shell.

ssh should probably enter the grandchild's PID. This might be a bug in ssh.

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
-- 
boss, n:
According to the Oxford English Dictionary, in the Middle Ages the
words "boss" and "botch" were largely synonymous, except that boss,
in addition to meaning "a supervisor of workers" also meant "an
ornamental stud."




Re: logging out a ssh-user

2003-07-27 Thread Norbert Tretkowski
* Dennis Stampfer <[EMAIL PROTECTED]> wrote:
> I have to log out a user who is logged in via ssh.

,
| % apt-cache show slay
| [...]
| Description: kills all of the user's processes
|  Slay provides you with a way to quickly get rid of all
|  processes selected user owns. Very useful if you want
|  to harm somebody.
`




Re: logging out a ssh-user

2003-07-27 Thread Craig Sanders
this question really belongs on debian-user, not on debian-devel.

On Sat, Jul 26, 2003 at 07:55:28PM +0200, Dennis Stampfer wrote:
> I have to log out a user who is logged in via ssh.  The information that he
> is not allowed to login comes from the utmp-file like the pid to  kill.  

if he's not allowed to login, then why not set his shell to /bin/false?

> If he's logged in via telnet, I can do the job by killing that pid.  That
> does not work with ssh: For some reason, all what I get out of utmp is the
> pid of the listening sshd which I can't kill if I don't want to disable
> ssh-logins.

that would be because you're killing the wrong sshd PID.

> I solved it by adding 2 to that pid to reach the child-ssh, checking if it is
> "sshd" and owned by the user who is to be logged out.  If that all is ok, I
> kill that pid.

run ps and grep for the tty that he's logged in on.  e.g. if he's on pts/3:

# ps aux | grep "pts/3$"
cas   7002  0.0  0.7  6352 1920 ?S17:00   0:00 sshd: [EMAIL 
PROTECTED]/3

then kill it:

# kill -1 7002

or in one line:

# ps aux | grep "pts/3$" | awk '{print $2}' | xargs kill -1



alternatively, "apt-get install slay" and run "slay USERNAME".

craig





Re: logging out a ssh-user

2003-07-26 Thread Ulrich Eckhardt
On Saturday 26 July 2003 19:55, Dennis Stampfer wrote:
> I have to log out a user who is logged in via ssh.  The information that
> he is not allowed to login comes from the utmp-file like the pid to
> kill.

Not sure if that helps, but 'slay' might be the proper tool for it.

Uli