Re: RFS: jarifa
Thanks for the comments. I will try to address all your points, and fix them!!! On Sun, Dec 12, 2010 at 17:58, Paul Wise p...@debian.org wrote: 2010/12/9 Daniel Lombraña González teleyi...@gmail.com: I am looking for a sponsor for my package jarifa. A review of the source package: Your upstream version should be 1.0~rc8 since that sorts before 1.0 and rc usually means release candidate. debian/patches/debian-changes-1.0-rc8-1 looks like it can be removed or applied upstream. Please add a debian/watch file (see uscan manual page for details). You might want to wrap the Depends line in debian/control since it is very long. I like to split the line after every comma. Can jarifa not connect to a MySQL server over the network? If so you might want to demote mysql-server to recommends. README.source looks like it belongs in the upstream README since it is not Debian specific. You add a symlink to ttf-dejavu fonts but do not depend on it. At the very least I would say you need a Recommend. Please switch jarifa to a randomly generated password instead of a static easily guessable one when the user does not set a password. www-data is defined in base-passwd so I think you can set permissions on /usr/share/jarifa/img/stats at build time instead of in postinstall. Why does your prerm remove files from /usr? I think maybe your software should use /var/lib/jarifa instead for runtime-created data. I would replace your debian/rules file with /usr/share/doc/debhelper/examples/rules.tiny and add conf/jarifa.sql usr/share/dbconfig-common/data/jarifa/install/mysql to debian/jarifa.install. libchart-1.2 is an embedded code copy (with its own embedded font copy), please remove it from the tarball and package it separately. db_conn.inc is similar, but I'm wondering why I don't see that in the boinc package in Debian. These files look like they were created in Inkscape/GIMP but I don't see any SVG/XCF source for them: computer.png cpus.png credit.png supplier.png volunteer.png. I wonder what the license/source for vcss.png is, since it looks like an image from the W3C. Same for agplv3.png since it is an FSF image. Why is there a lang/es_ES.utf8/LC_MESSAGES/messages.mo but no lang/es_ES.utf8/LC_MESSAGES/messages.po? Have you had the PHP code audited for vulnerabilities or run any automated exploit finding tools against jarifa? Examples of such tools available in Debian include w3af wapiti sqlmap rats. owasp.org is a good place to go to learn about web application security. Your jarifa.apache.conf forces jarifa to be available at /jarifa on all apache vhosts. As a sysadmin I would expect to be either asked what vhost, URL path to configure jarifa at or expect me to configure it manually based on an example config. lintian complaints: I: jarifa source: no-complete-debconf-translation I: jarifa source: debian-watch-file-is-missing -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktintdrm5edez5g1+haeh_7kc-d-xoa8fxzvh...@mail.gmail.com -- ·· http://jarifa.unex.es/ http://www.flickr.com/photos/teleyinex ·· Por favor, NO utilice formatos de archivo propietarios para el intercambio de documentos, como DOC y XLS, sino HTML, RTF, TXT, CSV o cualquier otro que no obligue a utilizar un programa de un fabricante concreto para tratar la información contenida en él. ··
Re: A question about svn-buildpackage
* Ben Finney ben+deb...@benfinney.id.au, 2010-12-14, 15:43: mergeWithUpstream mode detected, looking for ../tarballs/hg-git_0.2.5.orig.tar.gz I: mergeWithUpstream property set, looking for upstream source tarball... E: Could not find the origDir directory, please check the settings! at /usr/bin/svn-buildpackage line 595. Is there anyone who can tell me how to solve this problem Seems obvious to me. Download the upstream tarball, rename it to hg-git_0.2.5.orig.tar.gz and place it in ../tarballs/ It's not quite clear in the OP's message, but I think they're showing that such a file already exists: Qijiang Fan fqj1...@gmail.com writes: $ls tarballs/ hg-git_0.2.5.orig.tar.gz $cd schacon-hg-git-0ed3c70/ $svn-buildpackage -rfakeroot […] Quijing Fan, can you confirm that the file does exist in the right directory: $ pwd some_prefix/schacon-hg-git-0ed3c70 $ ls ../tarballs/hg-git_0.2.5.orig.tar.gz ../tarballs/hg-git_0.2.5.orig.tar.gz If the directory does exist, I don't know why the ‘svn-buildpackage’ command would be complaining that it doesn't exist. svn-buildpackage complains that way when mergeWithUpstream is set to 1, but the latest version of Debian package doesn't have the debian_revision component. In this case, the version was 0.2.5 instead of 0.2.5-1. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101214112415.ga1...@jwilk.net
RFR/RFS: openvpn-auth-radius (new package, fixes retitled RFP)
Dear mentors, Please CC me in a reply, since I am not subscribed to the list. I am looking for a sponsor for my package openvpn-auth-radius. * Package name: openvpn-auth-radius Version : 2.1-1 Upstream Author : Ralf Luebben * URL : http://www.nongnu.org/radiusplugin/ * License : GPL-2 Section : net It builds these binary packages: openvpn-auth-radius - OpenVPN RADIUS authentication module openvpn-auth-radius-dbg - debugging symbols for openvpn-plugin-radius The package appears to be lintian clean. The upload would fix these bugs: 556460 My motivation for maintaining this package is: The Cygnus Networks GmbH is using this software on Debian and Debian does not provide a package with this or similar functionality. Thus we packaged it for our own needs. Since we expect to use it for quite a bit of time, maintaining the package seems like a good fit. A few notes on the software: This package will have low popcon score. To be useful it requires a functional openvpn and radius setup. Most users probably want to run stable, so the package is created with backporting in mind. The package can be found on mentors.debian.net: - URL: http://mentors.debian.net/debian/pool/main/o/openvpn-auth-radius - Source repository: deb-src http://mentors.debian.net/debian unstable main contrib non-free - dget http://mentors.debian.net/debian/pool/main/o/openvpn-auth-radius/openvpn-auth-radius_2.1-1.dsc I would be glad if someone uploaded or review this package for me. Helmut -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101214155817.ga16...@buero.cygnusnet.de
Re: RFS: tenshi (updated)
On Sat, Dec 4, 2010 at 14:40, Ansgar Burchardt ans...@43-1.org wrote: Hi, Hi Ansgar, sorry for the late reply, the mail got a bit lost at the bottom of my mailbox. No worries. It is my turn to say sorry for replying this late. I kind of have been swamped by my work lately.. Ignace Mouzannar ghant...@ghantoos.org writes: Upgrading from 0.11-1 fails: Updating tenshi user's home directory ... usermod: user tenshi is currently logged in Oops, my daemon must have not been running when I tested my package. Sorry about that. The error was due to the -R flag that was passed to dh_installinit in the past release: it prevented the upgrade process from stopping the daemon before the new installation started. I have corrected this behavior by adding a preinst script that stop the daemon. But I'm not sure this is the best way to go. Is it? I think it should be okay. Great! :) Here are the relevant parts of the new changelog: / | tenshi (0.11-2) unstable; urgency=low | | * debian/control: | (...) | - Set debhelper dependency back to (= 7) as dh_overrides are not used by | debian/rules anymore. You still use the --with quilt feature which requires debhelper 7.0.8. Absolutely true. I have set it to 7.0.8 (in debian/control and debian/changelog). I noticed two other small things in the init script which might be nice to have fixed in the next upload (I don't think it is important enough to get it included in Squeeze): · In do_start, one time $DAEMONUSER is used and one time the expanded value for it (tenshi). · In the stop action, the process with the pid from $PIDFILE is killed without making sure it is actually the right process. A stale pid file might point to another process. A new upstream version has been released. I'll make sure to include these changes when packaging it (post-squeeze). I have uploaded the changes on m.d.n [1]. Thank you again for your support. Cheers, Ignace M [1] - URL: http://mentors.debian.net/debian/pool/main/t/tenshi - Source repository: deb-src http://mentors.debian.net/debian unstable main contrib non-free - dget http://mentors.debian.net/debian/pool/main/t/tenshi/tenshi_0.11-2.dsc -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktingumyqpcwllfv_ce+x80y7+ejxhspqhvq8c...@mail.gmail.com
Re: RFS: sslh (updated package)
Le lundi 13 décembre 2010 à 18:18 -0500, Paul Tagliamonte a écrit : 2010/12/13 Guillaume Delacour g...@iroqwa.org: dget http://mentors.debian.net/debian/pool/main/s/sslh/sslh_1.7a-3.dsc Howdy, I'm not a DD, and I can't upload, but here are some notes ( mostly nit-picks ) And this is also a good way to help me. Might want to consider using DEP5 and DEP3 Yes, i have to consider these and changes my packages. Sslh should be migrated in the next upstream release. You should consider breaking up the Depends in the control to newline after 80 chars It's right too. I've modified that for future release of the package. One lintian issue on the deb: P: sslh: no-upstream-changelog I'm not sure if this is just because I compiled it on Ubuntu, or if it's actually an issue. I'll dig into it later if no one responds telling me I'm wrong ( a bit short on time right now ) $ lintian -IE --pedantic sslh_1.7a-3.dsc sslh_1.7a-3_amd64.changes $ echo $? $ Reports no problem or pedantic. http://packages.debian.org/sid/i386/sslh/filelist confirm that the upstream changelog is included in the -3 (and all previous releases). I get why you do it, but this is interesting in init :) # Do NOT set -e You can use a patch to put the file where it should be ( and not keep it in the debdir ). I don't really understand this remark, debian/init is installed by dh_installinit, whis is why i just put the initscript in debian/. There is a lot of odd stuff going on, but it looks OK at first glance. Like I said, I'll look more at it later unless someone else gets there first :) Thanks, please note that the package have been uploaded a few hours ago by wjl, so changes and remarks will be included in next release of the packagE. Cheers! Paul -- All programmers are playwrights, and all computers are lousy actors. #define sizeof(x) rand() :wq signature.asc Description: Ceci est une partie de message numériquement signée
Re: RFS: sslh (updated package)
Le mardi 14 décembre 2010 à 00:09 +0100, chrysn a écrit : On Mon, Dec 13, 2010 at 11:00:02PM +0100, Guillaume Delacour wrote: The upload would fix these bugs: 598591, 600181, 603608 and piuparts uninstallation issues. I would be glad if someone uploaded this package for me, thanks in advance. i can't upload it for you, but i've had a look at it. the changes are minimal, match the description, it builds and the translation works -- everything seems to be ok. Thanks for your review, the package have been uploaded. regards chrysn signature.asc Description: Ceci est une partie de message numériquement signée
RFS: rush (new package)
Dear mentors, I am looking for a sponsor for my package rush. Package name: rush Version: 1.7-1 Upstream author: Sergey Poznyakoff g...@gnu.org.ua URL: http://puszcza.gnu.org.ua/projects/rush/ License: GPL-3 Section: shells It builds these binary packages: gnurush- restricted user shell The package is pedantically lintian clean and builds in pbuilder for testing as well as for unstable. The upload would fix these bugs: 515198 My motivation for maintaining this package is: The package has been requested and I take interest in arrangements providing minimal access for selected users, like select backup services or repository manipulations in an otherwise locked down system. The initial packaging applicant waived at the effort needed. The present packaging has received a supplementary helper service. It and its documentation has been fully tested on GNU/Linux as well as GNU/kFreeBSD, and the differences are described. Thus a quick creation of chrooted services with either of sctp, sftp, rsync, git, sv, or cvs are thoroughly described. The package can be found on mentors.debian.net: - URL: http://mentors.debian.net/debian/pool/main/r/rush - Source repository: deb-src http://mentors.debian.net/debian unstable main - dget http://mentors.debian.net/debian/pool/main/r/rush/rush_1.7-1.dsc I would please me if someone looked at this package and reported conclusions on the packaging. Kind regards Mats Erik Andersson, DM -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101214215116.ga9...@mea.homelinux.org
Re: RFS: logtop a realtime log line rate analyzer
Hi Salvatore, (and the list) On Wed, Dec 8, 2010 at 9:45 AM, Salvatore Bonaccorso car...@debian.org wrote: Good! It is not mandatory, but see [1,2]. Ok, I don't have to do it manually, just to wrote it in the Changelog to let the packaging system close it for me, juste understood, thanks for all your explanations about this. rewrite the long description. I hope it's better now Yes, that is correct. do not merge them. Upstream changelog is then installed to /usr/share/doc/$package/changelog.gz and Debian's changelog in /usr/share/doc/$package/changelog.Debian.gz. Done using make inatall, am i right ? Package re-uploaded to debian mentors. Kind regards -- Julien Palard - CTO à Eeple - jul...@eeple.fr Mobile : +33 (0)6 21 19 49 10 Office : +33 (0)1 83 62 00 85 http://www.eeple.fr -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinm=myinuygxibiwu4vy-c9qc+yecrbcggyk...@mail.gmail.com
Re: RFS: logtop a realtime log line rate analyzer
Hi Julien On Tue, Dec 14, 2010 at 11:20:14PM +0100, Julien Palard wrote: Hi Salvatore, (and the list) On Wed, Dec 8, 2010 at 9:45 AM, Salvatore Bonaccorso car...@debian.org wrote: Good! It is not mandatory, but see [1,2]. Ok, I don't have to do it manually, just to wrote it in the Changelog to let the packaging system close it for me, juste understood, thanks for all your explanations about this. rewrite the long description. I hope it's better now Yes, I would say better. Only one further 'nitpicking' ;-) logtop is a System Administrator tool to analyze line rate taking log file as input. It reads on stdin and print a constantly updated result using curses, displaying in columns: Line number, count, frequency, and the actual line. . $ tail -f FILE | logtop is the friendly version of: $ watch 'tail FILE | sort | uniq -c | sort -gr' Lines starting indeed with two or more spaces, like the last one then, will show up in verbatim. Could you change this this way and the alignment? (and no spaces preferably inbetween the text and ':'). Yes, that is correct. do not merge them. Upstream changelog is then installed to /usr/share/doc/$package/changelog.gz and Debian's changelog in /usr/share/doc/$package/changelog.Debian.gz. Done using make inatall, am i right ? Hmm, no, as done previously it was correct. Simply have the upstream CHANGELOG in upstream, and the rest will be done by by dh_installchangelogs (see manpage). Then there is no need for debian/patches/debian-changes-0.1-1 ;-). Could you change these two again? For the proposal of DEP5 for machine-readable format-specification, have a lock at [1]. So there are missing the File-Copyright-License stanzas. Could you change this? So have the Format-Specification, Name, Maintainer, Source Stanza, then one for your upstream Files and one separate for the debian/* packaging stanza, and last one the license-'stanza'. [1] http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=filerev=135 I would gladly then review! Thanks for logtop and your work so far on getting the package ready! :-) Bests Salvatore signature.asc Description: Digital signature