Re: secure installation
On Wed, Aug 22, 2007 at 09:29:10AM +0200, Johannes Wiedersich wrote: - From the documentation I gather, that update-manager would probably work on kde, but that it just checks, if the package information has changed. This would have to occur either manually or by some cron job, cron-apt etc. So _at least_ it requires reading some manuals and manual configuration. update-notifier also does not suggest or recommend cron-apt or any other backend to commit the required 'aptitude update'. Did you actually tried update-notifier on KDE? update-notifier checks himself if the package information has changed periodically. There's no need for update-notifier to depend on cron-apt or any 'backend' as it already does the job. If you ask it to install new software it will run update-manager. Regards Javier signature.asc Description: Digital signature
Re: secure installation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Javier Fernández-Sanguino Peña wrote: On Wed, Aug 22, 2007 at 09:29:10AM +0200, Johannes Wiedersich wrote: - From the documentation I gather, that update-manager would probably work on kde, but that it just checks, if the package information has changed. This would have to occur either manually or by some cron job, cron-apt etc. So _at least_ it requires reading some manuals and manual configuration. update-notifier also does not suggest or recommend cron-apt or any other backend to commit the required 'aptitude update'. Did you actually tried update-notifier on KDE? Yes, it was installed on my system for some months, but it never informed me about any update. (I get informed via debian-security-announce, though and install updates 'by hand'. ) update-notifier checks himself if the package information has changed periodically. There's no need for update-notifier to depend on cron-apt or any 'backend' as it already does the job. If you ask it to install new software it will run update-manager. That's what I would expect from its description in 'aptitude show update-[manager|notifier]. The README, however states a different story: / more /usr/share/doc/update-notifier/README Upgrade notifier tray icon - -- This is a small tray icon that backgrounds itself and checks for upgrades. It does nothing more. It must be ensured by other means (like a cron job) that a regular apt-get update is done. This is ensured by installing a option into /etc/apt/apt.conf.d to trigger a cron update script. It uses FAM to monitor /var/lib/apt/lists/* and /var/lib/update-notifier/dpkg-run-stamp. If they change it updates it's status. Needs libgnomeui2.0-dev and libhal-dev to build and gksu to run. Based on ideas of Matt Zimmerman und Jeff Waught. Tray example from Lukas Lipka [EMAIL PROTECTED]. Lot's of cleanups from Michiel Sikkes. Thanks! Michael Vogt \== Note, that I don't even have fam installed, I have gamin for some reasons I don't know or remember. My personal conclusion: Simply installing update-manager (on etch) does not necessarily notify the user of security updates. It might 'automagically' work in some situations, but as long as it doesn't do so in _any_ situation it will just make newbee users feel comfortable, while not providing notifications about security updates. Johannes -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGzUIcC1NzPRl9qEURAqLWAJsF/KhVriRFk23Iza9JiDsGVpL53ACaAtLp bhfbfThn0YX259o8fhDhYow= =XHPc -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: secure installation
On Thu, 23 Aug 2007, Johannes Wiedersich wrote: Note, that I don't even have fam installed, I have gamin for some reasons I don't know or remember. just to exclude one problem: I have gamin as well, instead of fam, and update-notifier works fine here (on gnome). Bye Giacomo -- _ Giacomo Mulas [EMAIL PROTECTED] _ OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222 Tel. (UNICA): +39 070 675 4916 _ When the storms are raging around you, stay right where you are (Freddy Mercury) _ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: secure installation
On Thu, Aug 23, 2007 at 10:15:25AM +0200, Johannes Wiedersich wrote: Did you actually tried update-notifier on KDE? Yes, it was installed on my system for some months, but it never informed me about any update. (I get informed via debian-security-announce, though and install updates 'by hand'. ) You are absolutely right. Now that I look at both the code and my system it turns out it's working OK here because I also have cron-apt installed. Fact is, upgrade-notifier's source code contains a cron script for that, it's just not activated so for the time being. I guess installing cron-apt should fix that. update-notifier checks himself if the package information has changed periodically. There's no need for update-notifier to depend on cron-apt or any 'backend' as it already does the job. If you ask it to install new software it will run update-manager. That's what I would expect from its description in 'aptitude show update-[manager|notifier]. Yes, and from the manpage. I'm going to go and file a bug. Regards Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Warranty was Re: secure installation
I believe Microsoft software comes with NO WARRANTY as well. Hell, we should read the small print on all software... It does come with a warranty, at least in Germany/Europe. Everything you *pay* for has by law two years of warranty. The problem is that almost no one knows that they have this warranty on software. The act you are referring to is only absolutely binding for contracts between a company and a consumer, not for contracts between two companies. Willi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: secure installation
On Thu, Aug 23, 2007 at 10:15:25AM +0200, Johannes Wiedersich wrote: Simply installing update-manager (on etch) does not necessarily notify the user of security updates. It might 'automagically' work in some situations, but as long as it doesn't do so in _any_ situation it will just make newbee users feel comfortable, while not providing notifications about security updates. I've further investigated this issue. The fact is, the tool that *actually* updates the package database is /etc/cron.daily/apt, that task is installed by Apt, you don't need cron-apt to do it. This cron task uses the Apt::Periodic [1] configuration which is set, for example, in GNOME through the /usr/bin/software-properties application (called in by the desktop System - Admin -Software origins - Updates). Through the GUI you can be set when check for updates (and modify Apt's configuration accordingly). I believe by default, in GNOME, it is configured to download the lists (but no the packages themselves) daily. The fact that update-notifier doesn't work in KDE for you might be because either you don't have installed (or KDE lacks) and application that handles that piece of Apt's configuration for you, or maybe because some other application mangled it. In my /etc/apt/apt.conf.d/10periodic file (file installed by update-manager) I have this: APT::Periodic::Update-Package-Lists 1; APT::Periodic::Download-Upgradeable-Packages 0; You probably have something else there? Regards Javier [1] A configuration option of Apt which is used, but currently not documented :) (#438559) signature.asc Description: Digital signature
Testers needed for Asterisk/Sarge
We need testers for an extensive security update for asterisk in Sarge. If you still run Asterisk on Sarge and are willing to test, please get in touch with me. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]