Re: Status report / Package uploads / Request for comments
Le mardi 22 février 2011 à 00:57 +0100, Michael Prokop a écrit : Hi, squeeze is out, jey. :) Status report - I just uploaded a bunch of our packages (thanks for your work Christophe!) and will continue to do so over the next few days. Thanks for this good work late at night Mika ! A new guymager release is just waiting for libguytools2 2.0.1-1 to pass NEW queue. I'm in contact with the author of xmount to get a new upstream release into Debian as well (had some problems WRT libssl licensing). It's maybe a good opportunity to add debian-forensics as package owner to have it in our qa page ? Package uploads --- What's in my queue for uploading currently: * extundelete * libpff * sleuthkit (with afflib branch) * wipe Are there any further git repositories ready for uploading I should take care of right now? Does anyone need any help somewhere? Not yet, I'm currently working on undbx and after that, I plan to work on the latest sleuthkit but I have to study the way it was packaged to not break things. Request for comments We had the issue coming up on IRC to get rid of tct. What do you guys think of that? Should I file a request for removal? I agree to remove it. I'd like to make sure http://wiki.debian.org/DebianForensics/TODO and http://wiki.debian.org/DebianForensics/BugSquashing are up2date again, since squeeze being available now. If you have any updates for those pages please do so, so we can continue working on our packaging efforts as coordinated as possible. I have added dff http://www.digital-forensic.org/ to the todo page. It's already debianized but not officially. Thanks! regards, -mika- -- Christophe Monniez christophe.monn...@fccu.be ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/forensics-devel
Debian Forensics Tasksel
Hi all, As the activity is coming back in the debian forensics list, I would like to discuss the idea of a forensics tasksel. I have no experience with tasksel but it seems to be a good idea to have forensics tasksel implemented. I have a lot of people asking me what do they need to do when installing a debian distribution for forensics purpose. Here are a few ideas where tasksel could help us: - Installing all the forensics packages + a few useful packages. - Disabling any automount feature of the different graphical installers. - Adding an /etc/sudoers.d/forensic file to give the forensics people the ability to mount systems without being root and maybe without password. - Allow more loop devices than 8 - Modifiy initramfs in order to not modify disks at boot time. - ... 1) Do you thinks it's a good idea ? 2) Do you have any experience with tasksel and would like to help ? 3) Do you have other ideas ? -- Christophe Monniez christophe.monn...@fccu.be ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/forensics-devel
Bug#614609: marked as done (icat: doesn't working with ext3 in kernel 2.6.32-5)
Your message dated Tue, 22 Feb 2011 19:18:08 -0300 with message-id AANLkTi=vyduao6hj_vd4ucl8uorfadm7aomk1gncg...@mail.gmail.com and subject line Re: icat: doesn't working with ext3 in kernel 2.6.32-5 has caused the Debian Bug report #614609, regarding icat: doesn't working with ext3 in kernel 2.6.32-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 614609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614609 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: sleuthkit Version: 3.1.3-1 Severity: normal Tags: squeeze The icat command doesn't retrieve data from an inode in ext3 filesystem when using kernel 2.6.32-5. For example: icat img.dd 12 I think this problem was caused by improvements in filesystem code. Thanks in advance. Regards, Eriberto - Brazil -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages sleuthkit depends on: ii file 5.04-5 Determines file type using magic ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libdate-manip-perl6.11-1 module for manipulating dates ii libgcc1 1:4.4.5-8 GCC support library ii libstdc++64.4.5-8The GNU Standard C++ Library v3 ii libtsk3-3 3.1.3-1library for forensics analysis on sleuthkit recommends no packages. sleuthkit suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- I am closing this bug because, reading more about file recover X ext3, I found several references about the recover be very hard with ext3/4. So we no have a big problem with icat. Sorry for my mistake. Regards, Eriberto - Brazil ---End Message--- ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/forensics-devel
Bug#592199: marked as done (fls: not recursive to Ext4 images)
Your message dated Tue, 22 Feb 2011 19:21:40 -0300 with message-id aanlktikpggtjegkc5o8qaygr9-qhoku3x_e-cbibj...@mail.gmail.com and subject line Re: fls: not recursive to Ext4 images has caused the Debian Bug report #592199, regarding fls: not recursive to Ext4 images to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 592199: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592199 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: sleuthkit Version: 3.1.3-1 Severity: normal The fls command doesn't work recursively with images using Ext4 filesystem. I tested it in images using Ext3 and partitions (e.g. /dev/sda1) using Ext3/4 filesystem and the fls worked fine. The problem is with Ext4 images only. Thanks in advance. Regards, Eriberto - Brazil -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages sleuthkit depends on: ii file 5.04-4 Determines file type using magic ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libdate-manip-perl6.11-1 module for manipulating dates ii libgcc1 1:4.4.4-7 GCC support library ii libstdc++64.4.4-7The GNU Standard C++ Library v3 ii libtsk3-3 3.1.3-1library for forensics analysis on sleuthkit recommends no packages. sleuthkit suggests no packages. -- no debconf information ---End Message--- ---BeginMessage--- Really, the TSK isn't compliant with Ext4 yet. So I am closing this bug. Thanks. Regards, Eriberto - Brazil ---End Message--- ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/forensics-devel
Bug#614609: icat: doesn't working with ext3 in kernel 2.6.32-5
Hi Eriberto Can you send me more details? What is the error message? How do you know there is something in inode 12? can you share the image that has the problem you are seeing? thanks, brian On Feb 22, 2011, at 11:34 AM, Joao Eriberto Mota Filho wrote: Package: sleuthkit Version: 3.1.3-1 Severity: normal Tags: squeeze The icat command doesn't retrieve data from an inode in ext3 filesystem when using kernel 2.6.32-5. For example: icat img.dd 12 I think this problem was caused by improvements in filesystem code. Thanks in advance. Regards, Eriberto - Brazil -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages sleuthkit depends on: ii file 5.04-5 Determines file type using magic ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libdate-manip-perl6.11-1 module for manipulating dates ii libgcc1 1:4.4.5-8 GCC support library ii libstdc++64.4.5-8The GNU Standard C++ Library v3 ii libtsk3-3 3.1.3-1library for forensics analysis on sleuthkit recommends no packages. sleuthkit suggests no packages. -- no debconf information ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/forensics-devel