Bug#1043539: project: Forwarding of @debian.org mails to gmail broken
On Sat, Aug 12, 2023 at 01:41:46PM -0700, Russ Allbery wrote:
> The problem I suspect is with email forwarding, and specifically email
> forwarding to Gmail, which has recently ramped up the amount of
> verification it does on messages. Because of email forwarding, Gmail sees
> a message purportedly from helgefjell.de but actually delivered by
> debian.org mail servers, and has now decided to be suspicious of that.
This is the exact use case that SRS was developer for, however gmail's
documentation does not recommend that (but the situation, as you noted,
worsened, so I tried it in some other similar setups and everything is
great, so...).
My understanding is that several DSA members were opposed to using SRS
for @debian.org forwarding, but maybe it's now time?
Alternatively, I wonder if ARC nowadays is respected enough (and if
Google cares about it)... I personally don't have any system with ARC
under my care.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Fortunes-off - do we need this as a package for Bookworm?
On Sun, Nov 20, 2022 at 10:45:15PM +0100, Michael Neuffer wrote: > On 11/20/22 22:14, Roberto A. Foglietta wrote: > > On Sun, 20 Nov 2022 at 21:42, G. Branden Robinson > > wrote: > > > > > Thank you for, perhaps inadvertently, compelling me to review some of > > > the content of the package. I can now say that I am certain there is > > > material of worth in the fortunes-off package and support its retention > > > in the Debian distribution. A review process for individual entries > > > that are incompatible with the project's values is manifest in the BTS. > > > > > rational approach vs cancel culture: 1 vs 0 > > <3 > > I can only very much agree to this. I also wholly agree, alas it seems we already lost before this even started :( https://tracker.debian.org/news/1385116/accepted-fortune-mod-11991-72-source-amd64-all-into-unstable/ -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Bug#989254: project: Maintainer email of package `pmount` seems wrong.
Control: reassign -1 src:pmount Control: reassign 989251 src:pmount 0.9.23-3 Control: forcemerge 989251 -1 Control: tag 989251 -a11y On Sun, May 30, 2021 at 04:05:54PM +0200, Drei Eck wrote: > I am reporting this here, since accourding to the Debian bug tracking > system automatic "Acknowledgement" emails bug reports for `pmount` are > sent directly to it's maintainer to an email address that is not > reachable, so bug reports specifically for `pmount` I expect to never > reach anyone responsible. The package is orphaned, so there is nobody responsible for it. > The problem ist: > > The maintainer for `pmount` is in the database as to be "Vincent > Fourmond ", but that email address bounces as I > found out earlier today. This is the bounce I got: the "fix" for this would be to drop that line for the manpages completely, which likely makes sense anyway. > So I ask if the maintainer information for the package `pmount` can be > corrected, and if that has been done previous bug reports for `pmount` > can be re-forwarded to the corrected maintainer address? Since the package is orphaned and there is nobody responsible, there is nobody to forward th bugs to. But no worries, it's not like they are lost: they are filed under https://bugs.debian.org/src:pmount > Btw., Today I have reported three issues related to `pmount`: Unless you find somebody interested in this package, the most likely way to get them fixed is to fix the bugs yourself and follow this page https://mentors.debian.net/sponsors/ to find a sponsor. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
udd-mirror moved to a new host!
Dear developers,
We are hereby announcing that udd-mirror.debian.net, after 7 years of
being hosted by XVM at MIT (http://xvm.mit.edu/), now moved to fosshost
(https://fosshost.org/).
We wish to thank MIT for hosting this service for so long, as well as
thank fosshost in advance for the many years to come!
You can read a bit of history regarding udd-mirror on Asheesh's
blogpost:
https://announce.asheesh.org/2020/11/the-ultimate-debian-database-and-why-i-co-host-a-public-mirror-of-it/
With this occasion, we are also formally deprecating the old address
public-udd-mirror.xvm.mit.edu in favour of the "new"
udd-mirror.debian.net that has been available for more than three years.
Please consider updating your scripts that connect to udd-mirror to use
the new address, as the old one will be phased out in the future (no
sooner than one more year at least).
In this move, we also changed the deployment method, storing the whole
database in docker. Even though we don't foresee any problem for the
users, please do report any unexpected errors you might see.
Feel free to use the GitHub project to open tickets or send pull
requests: https://github.com/paulproteus/public-udd-mirror
On the other hand, this new host is much more performant than the old
one, and as such you should see a huge speed improvement when you run
your queries :)
Hoping to still be of service,
Asheesh Laroia
Mattia Rizzolo
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Q: When dnsZoneEntry is freed after DD retired
On Tue, Sep 29, 2020 at 05:10:23PM +0900, Kentaro Hayashi wrote:
> How should I ask to remove them in this case?
This being debian-project@ I'm sure there are several DSA members who
follow the list, so I'd say to try and wait some time to see if any of
them follow up.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Q: When dnsZoneEntry is freed after DD retired
On Mon, Sep 28, 2020 at 05:40:23PM +0900, Kentaro Hayashi wrote: > I couldn't find article about the rule of > "When dnsZoneEntry is freed after DD retired". > So, I want to know it. > > It seems that when DD has retired, dnsZoneEntry: is disabled. > (It is bound to *.debian.net) > > ref. https://wiki.debian.org/DebianDotNet > > It is okay but dnsZoneEntry: is still hold on by retired DD. > > > I've observed that the number of 88 person (retiring or inactive) > owns dnsZoneEntry: field. This totally looks like I bug. I know of a previous instance when the DSA team explicitly told me that were expecting a DD to have their account formally retired/removed before freeing a .d.n entry. FTR, I believe this is the script DSA uses when locking down an account after their retirement/removal: https://salsa.debian.org/dsa-team/mirror/userdir-ldap/-/blob/master/ud-lock -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Emeritus status, and email forwarding [and 1 more messages]
On Thu, Nov 16, 2017 at 07:23:23AM +0800, Paul Wise wrote:
> Is this because of it being hard to track the contributions of
> non-uploading DDs?
Not necessarily (but probably true for some case, for example, those we
got DD_nu because of relevant contributions to the debconf orga, that's
not really easy to figure out…).
Another reason is that the MIA team still doesn't actively look out for
inactive people, but instead reacts on external notices sent to us.
Since there is a constant flow of those I think we will stick with that
way for a while still. Nobody has come to us yet asking to check on a
non-uploader DD.
> Is the MIA team looking at contributors.d.o data?
Yes, that's of great help in our work.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Emeritus status, and email forwarding [and 1 more messages]
On Wed, Nov 15, 2017 at 04:08:41PM +, Ian Jackson wrote: > It would be possible to have an "emeritus" keyring, I guess. Since it > would only be used for email forwarding and a few other things, it > could have weaker security requirements. Techinically such keyring exists, but they are not exported anywhere. But if 1024D are not considered secure anymore, I don't see the point of considering them "not secure, not trustable, but we don't care about email forward so we're fine with having the hijacked", which feels like what you are proposing. IMHO if somebody care to keep their forward email usable they can very well care enough to have a robust enough key and keep it in the keyring, and possibly be demoted to non-uploading DD where the MIA team is not looking at. And most of all, they would need to care enough to carry on such conversation to see it happen, whilst in most cases it seems to me the people first asking for such thing are nowhere near "interested" and expect others to carry on their wishes. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Emeritus status, and email forwarding
On Wed, Nov 15, 2017 at 11:53:18AM +, Ian Jackson wrote:
> Unfortunately it would mean that such people would still need some
> kind of login on Debian systems, so that they could update the email
> forwarding.
In many cases (such this particular one) people don't have a viable gpg
key anymore in the keyring: that means they can't email
chan...@db.debian.org to update their LDAP details (theoretically, they
might still know the LDAP password and do it from there, but in practice
all the people who reach that point already forgot it).
So there is really a very technical issue to overcome for your proposal.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Replace the TC power to depose maintainers
On Fri, Dec 02, 2016 at 01:39:30PM +, Holger Levsen wrote: > On Fri, Dec 02, 2016 at 01:40:31PM +0100, Johannes Schauer wrote: > > > motivation. being able to say "I'm the maintainer of $foo" is a *great* > > > motivation for many. Taking this away *might* cause a lot more harm that > > > gain. > > Why would this be taken away? > > motivation works in strange ways. and it doesnt work the same all of us > too… Example (that I feel is about to happen to me too): a package where you're listed as Maintainer, you used to be interested in it, now you are not anymore; you should probably orphan or RFA it, but you still care a bit about it and you're keeping it very well because you're a great maintainer nonetheless. I think that if I were forced to remove my name from it I'd just forget and let it go to waste by discarding that bit that I cared about. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Replace the TC power to depose maintainers
On Thu, Dec 01, 2016 at 06:26:28PM +, Clint Adams wrote: > On Thu, Dec 01, 2016 at 07:20:36PM +0100, Stefano Zacchiroli wrote: > > We should go for "weak code ownership" instead, which *in theory* is > > what we already have (given every DD can NMU any package), but the > > *culture* of strong ownership is so rooted in the project that people > > are still too afraid of using it. Also, we don't have good tools[^] that > > Indeed, and it has apparently even crept into team maintenance such > that team members don't touch "other people's" team-maintained > packages. Fortunately this is true only for few teams (sadly big/"important"). -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Replace the TC power to depose maintainers
On Thu, Dec 01, 2016 at 06:00:42PM +, Ian Jackson wrote:
> I envisioned a mediation stage, to try to reach consensus, before
> deciding the conflict is irreducible and needs to be settled as such.
>
> Could the MIA team do this ? Would you want to ? It seems like it
> would need many of the same skills and there would be considerable
> overlap with existing MIA activity.
>
> It would be a role with little hard power but a lot of influence.
Ideally, the MIA team could do it. Practically, we're a tad overloaded
right now. As you probably know the team has been inactive for some
years, and restarted being active only during spring this year; we ended
up with a bit of a backlog
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
Re: Replace the TC power to depose maintainers
hers to front the > complaint and argue the case. This helps minimise the justified > fear of retaliation. Fear of retaliation in such a place is IMHO everything but justified. Or at least it shouldn't be... -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: about nvidia-kernel-dkms in debian jessie
On Jul 18, 2014 11:09 AM, # y...@me.com wrote: i wonder how soon will this package come back to the repository. it disappeared about 2 days ago. It will come back once this requirements will be satisfied: https://qa.debian.org/excuses.php?package=nvidia-graphics-drivers In particular, this bug needs fixing: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755020
