to enable
vim-youcompleteme with neovim & provide a merge-request (on salsa) for the
changes needed to the packaging?
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
and me (or someone else)
doing "just" upload sponsoring if needed. Either is fine by me, we
should just get this sorted out – hence the bugreport (not because
I like producing paperwork ;) ).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ight not be the only one who copies stanzas… ;)
This is also the reason why I opted for 'full' instead of 'complete'… the
example GPL-2+ stanzas in the format spec uses these terms.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
the Release file for now so
that stable uses http and we change apt/unstable to use https… decisions
decisions, but that is for ftp/dakmasters to worry about. ;)
Sadly, I haven't thought about allowing this field to be multiline to
give multiple URIs – then again, it might be for the best as
and these kinds of hidden differences can end in a nightmare.
The lesson is as it is so often the case: choose either as default but
regardless the choice someone will be unhappy.
Best regards
David Kalnischkies, who remembers writing that code initially to fix
a bunch of upgrade problems for a
e hook for (guesstimate is to parse Component files and icons,
so the appstore-type applications might not work as intended).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
to ask here or #debian-apt on
IRC or e.g. on salsa.debian.org which I would recommend using for
forking/proposing a merge of your code.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
xed, but not closed for now & claiming ownership
until some time later this week.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
all the worst aspects it
can in the worst case and seems to have only marginal benefits above
what we have¹ in the best case, but a reality check might provide
another/better view (not volunteering myself).
Best regards
David Kalnischkies
¹ which is different from Fedora both in that they hav
dd me to project if you can.
Added to Debian/ycmd and vim-youcompleteme as "Master".
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
se someone (perhaps me) will hopefully adopt it and
patches and stuff flow in that direction instead.
Best regards
David Kalnischkies
[0] https://salsa.debian.org/donkult/ycmd and vim-youcompleteme forked
from Debian/ycmd (and co) which I imported from alioth collab-maint.
signature.asc
Description: PGP signature
in
Debian looks like. If your focus shifted elsewhere that's okay, if not:
All the better & feel free to drop me a line if there is something
I/Debian could help you with!
So sorry for nagging you & Best regards
David Kalnischkies, who happily makes use of your work on youcomp
n use basename somehow to figure out the name, but I feel that this
> would be a little surprising.
We haven't figured out a sensible scheme for file naming either which
was one more reason to not try to make 'apt-key add' work without gpg.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
f these 3 messages are marked for translation ATM btw (and given
the construction probably never will… as translating a message for each
seems like total overkill).
Any comments/other suggestions?
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
fect
all queries (Acquire::EnableSrvRecords "false";).
[I will keep that bugreport open for the moment, so I can add
a paragraph about this to the README and apply a tighter
Recommends: apt (>= 1.7~something) then its released.]
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
drop me (and/or Debian as a whole) a line if
there is something I/we can help you with!
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
deal sanely with
the constant name-changing of gtests packaging through…
(or well, we probably need to end up with a mix of all that to keep
working everywhere, so… no patch, just a hint for others looking into
it as I was a bit surprised it worked for me locally…).
Best regards
David K
quot; (or any
other environment appropiate recommendation) if they/users aren't happy
with a random pick by apt.
(Yes, if apt would work differently that would be better "hidden" by
accident and apt might change in the distant future to "hide" it better,
but the problem rem
s bunch of bugreports is not really related to what you
describe in your message. The "issue" in the bugreports is that apt
considers packages with same version but different content as different…
which is a feature as if the package is intended to have different
content it should hav
you can use mirror+file:/path/to/mirrorlist – but yeah,
really see the manpage for details on how that file should look.
The documentation could surely be improved, if there are ideas/patches…
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
pointless "remove the world to upgrade libc6:fastarch" solutions.
It's on the list of things to do at least since I implemented
Packages-all support at all… not too long ago but not exactly recent
either… "later" after being done with the current batch I guess (if
nobody el
implementation of "apt(-get)
changelog" as a complete example.
Perhaps this is another command aptitude could delegate entirely by
calling apt – but I don't know aptitude specifics.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ess (and probably of
others, too) to merge a proposed patch.
If there are questions feel free to drop us a line her or elsewhere; we
are e.g. also around on IRC in #debian-apt.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
by
default to avoid sync problems]. See the apt-transport-mirror manpage
(in 1.6) for advanced details.
³ more exact: The list of three mirrors will be shuffled randomly for
each file and then the download is attempt in this order, so it isn't
exactly load-balanced, but close enough for now.
Anyhow: What are we going to do with this bugreport now? Close, retitle
for http2 support or is there some other action we can take to fix the
initial problem?
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
" data to put up constraints for the "new"
data – including that a repository can't change its Codename from
"buster" to "bullseye" without a user explicitly confirming this (even
if "stable" is written in the sources.list – implemented in 1.5 which is
why I talk about stable+1 and stable+2 at the time of writing).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ke" it there and can
also solve it there (and we have the same thing going with 'apt'). In
your case the commit which should be posted by some automated process
soon is just hiding the warning as it spurious in your case (as noted
above) and solves also a few related ones (like not hav
general, so I would say this isn't an apt bug.
(Althrough, if we decide on v2, I guess apt needs to change anyhow as
that same call thing might be just dumb luck in this case. Not even sure
if v1 is in any way "guaranteed" to be perfectly honest…)
Can't stop the feeling that we had issues with python begin called from
prerm before and the general advice was: "don't – stick to essential".
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
what to write there?
I will merge it into the po file then (as I have to fix two more
needless fuzzies anyhow which slipped into ~alpha6).
Thanks again & Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ted. That "worked" with apt_auth.conf,
apt-transport-mirror & -tor, but isn't really ideal (at least from
a "get this documented soon and applicable to all apt versions
preferably" point of view).
So if you (or someone else) wants to work on it: Go a head, there is
noone stopping you & we will try to help as best we can. No point in
stomping your boots on the ground and demanding changes through.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
both would carry it as "2.0".
I am therefore reassigning to unattended-upgrades and would suggest as
a quickfix to fix either the versionumber or the filename in the test.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
as doing or work
with the (now reimplemented) -mirror method. That hard-depends on your
"behind load-balancer" servers to be reachable directly through. But it
gets you parallel connections without changing clients (at least in the
first case, in the second you will need to wait a few year
turn means apt isn't making use of the translations
shipped in this way.
I haven't tried the attached patch which basically reverts the breaking
one-line change, so take it with a pinch of salt, but I am hopeful it
works.
Thanks for considering & best regards
David Kalnischkies
¹
a "Connected" msg)
You can just reply here with what should be written there,
I will apply it then – no need to roll a new po.
Thanks again & "schönes Wochenende",
David Kalnischkies
signature.asc
Description: PGP signature
format
> #| msgid "Connecting to %s (%s)"
> msgid "Connected to %s (%s)"
> msgstr "Bağlanılıyor %s (%s)"
(yes, we have a "Connected" and a "Connecting" message now)
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
On Tue, Jan 02, 2018 at 01:11:32PM -0500, Marvin Renich wrote:
> * David Kalnischkies [180102 06:03]:
> > On Mon, Jan 01, 2018 at 05:09:21PM -0500, Marvin Renich wrote:
> > > IOW, using pkg-name:amd64 in the log loses information that is harder to
> > > recover, while
ptitude should (not) do. I am
just saying what apt does (not) and why in a similar case.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
"rare" edgecases: Its pretty clear that you
have to deal with 'all' one way or the other and you have to do it
either way anyhow (its probably not too bad. In all likelyhood you
"need" the architecture to guess filenames for download. There are so
many problems with i
d via one of support channels documented on debian.org/support like
IRC, forums or mailinglists – simply because the reply-roundtrip time
tends to be lower than in the bugtracking system as its primary focus is
on finding longtime solutions for general problems rather than instant
solutions
r
soul. (SCNR)
On a more serious note, I think I already outlined that further above,
but in short: Different user expectations both from the side of the user
and of the program. Thankfully a user can switch between all of them
rather easily – much simpler than changing text editors^W^Wdesktop
environments…
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
are reading
descriptions and co before installation of course] – if there are good
ideas we could implement I would be happy to hear them!
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
meone wants to work on any of this feel free to talk to us (before
splitting the bug up, a bit more thought would need to be put in & the
bugreport as is has a name good enough to catch the attention of anyone
remotely interested I would hope).
Best regards
David Kalnischkies
[0]
ensive takes off. SCNR)
> I second this patch. I suggest we add it as section 3.1.1, i.e., as a
> subsection to 3.1 "The package name".
[As this is the first subsection I wonder if there will soon be many
more "rip-off" naming conventions added like python-*, *-perl
in the issue part as that feature is
ideally a user invisible change and the news entry just points to the
issue section (but to be honest, not sure if its even worthy for issues
as we have bigger issues if we haven't figured out the required syscalls
for all release architectures at buster release time…)
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
rary incompatibility in the list above as a potential
contender.
btw: Yeah for using tor! You know that there are onion services for all
Debian archives available? See onion.debian.org [5nca3wxl33tzlzj5.onion]
Best regards
David Kalnischkies, apt(-transport-tor) developer
signature.asc
Description: PGP signature
but really
some syscall not whitelisted which should be).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
esn't make use of this yet through
and I don't know how other tools might react if it would).
So we can't really go with a logic of "if any file from this component
can be downloaded" as that set might very well be empty. We also can't
look if the Release file contains any file for this component as we
don't really know what is the component in the filepath:
"main/debian-installer/some/file" might be from the component "main",
"main/debian-installer" or "main/debian-installer/some".
As said, I am not sure. In the end reassigning to ftpmaster might be the
best option, but I am open for other opinions.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
nds. :)
The DoUpdate function in apt-private/private-update.cc should be a good
start for looking into it althrough the implementation of the message
might end up in another place (e.g. in the Fetcher implementation in
apt-pkg/acquire.cc). If there are questions we are happy to help here,
on
ot;RootDir" isn't really used
much due to it behaviour of being a prefix for all pathnames – even for
absolute paths. You might want to try setting "Dir" instead.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
lso breaking some
security aspects as apt uses the old data e.g. to prevent an attacker from
serving "older but still valid" data…
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
omplete or outdated already)
and the other files tend to be no longer compressed & you can't be sure
that if you compress it again, that you would get the same hash (as e.g.
different versions of a compressor can generate different compatible
files).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
at could turn out to be more confusing than
helping… (and as said, dpkg hasn't changed in a while).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
sitory/Format#Date.2C_Valid-Until
And indeed if I run apt-ftparchive:
$ mkdir /tmp/aptftptest
$ cd /tmp/aptftptest
$ apt-ftparchive release .
Date: Wed, 16 Aug 2017 14:35:14 +
MD5Sum:
SHA1:
SHA256:
SHA512:
$
(beside that our test framework uses it, too, so that should work™)
Best regards
u said it right in the paragraph I quoted and still I missed it
that both symbols are emitted and thought the symbols patch is a typo
missing a '-' … thanks brain, very good job…
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
I would presume they managed to pull
it of somehow (or we would be looking at v7 everywhere now).
Best regards
David Kalnischkies
[0]
https://lists.debian.org/
signature.asc
Description: PGP signature
upstream itself
or via Tor is working on fixing this at the root?
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
chive doesn't
get a whole lot of attention and testing and I would like to avoid
fixing regressions on emergency in stable buster.
Best regards
David Kalnischkies
From ec18a3647f678590ba4dc1112820fd19919ac0c8 Mon Sep 17 00:00:00 2001
From: David Kalnischkies
Date: Fri, 28 Jul 2017
pg by bending it to our needs – with the upside
that one day we might 'easily' change to the web of trust if it becomes
feasible for our usecase.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
aps it would be
a good idea to implement list in a way of showing which keyrings belong
to which package (and which do not belong to any package, aka created by
user). I will leave that up for someone to decide & work on who is a lot
more interested in third-party repositories, through.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
nd the problem that it effects filelist
which it shouldn't. Lastly, we have basically no test covering this
which conflicts with the no-new-untested code rule we try to enforce
meaning yet more work.
(Then again, in the time I wrote the mails, I could have probably just
written a few alibi tests and fix the patch, … oh well.)
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
helps already. If not the output of the earlier two might
help us. If "apt update" still fails please add: -o Debug::Acquire::gpgv=1
and include the full output (beware, that can be a lot) in a followup.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
of an argument than "but … the DPL said so!"… ;)
Best regards
David Kalnischkies
P.S.: apt-sortpkgs can help all those poor folks with unreproducible
index files now – it will also make indexes reproducible across tools
(assuming they all generate the same fields).
signature.asc
Description: PGP signature
again for not reacting earlier & feel free to ping the report in case
that should happen again!
And of course also: Thanks for the update!
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ault-Release; see also the apt_preferences(5) manual page.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
vive with leaving this open until someone comes
along with more experience who fixes it – or closes it at the time ftp
is gone.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
is using it anymore… desperate the name HTTP is a lot
better for file transfers anyhow.
Best regards
David Kalnischkies
[0] https://lists.debian.org/debian-announce/2017/msg1.html
signature.asc
Description: PGP signature
On Tue, May 30, 2017 at 01:29:33AM +0200, Jakub Wilk wrote:
> * David Kalnischkies , 2017-05-28, 10:35:
> > > > Unfortunately, this protection is ineffective. All the attacker
> > > > needs to do to hide security updates is to replace all the files
> > > >
.5 pile. Until that goes public, patch attached.
Best regards
David Kalnischkies
From 4c4e306a1be1e074ca07bec542c1469b909e2bfa Mon Sep 17 00:00:00 2001
From: David Kalnischkies
Date: Mon, 29 May 2017 18:02:28 +0200
Subject: [PATCH] don't show incorrect 'How odd' errror in no-download mod
what "reproducible" means in
super laymen terms as I am not sure users will understand it. We have
trained people to understand "reproducible" in terms of bugs, but what
that means in the context of installing binary packages… installing
things is pretty reproducible, isn't it?
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
y, I guess 'domain knowledge' is involved as we wouldn't be
talking if libssl-dev would be a new mail-transport-agent. It would be
perfectly clear that it must conflict with the others even if there is
no technical reason for it given that the other mail-transport-agents
already confli
ll-recommends.
I would recommend not to recommend it because apt follows the general
recommendation of not recommending the installation of recommendations
of build-dependencies by default for all recommended Debian releases.
Recommended summary: Already the default since 2011.
Recommending eve
e release you can use (that isn't the case for < 1.0 which you
were testing, but for >= 1.1).
Best regards
David Kalnischkies
P.S.: "Securing" the transport via HTTPS or Tor isn't really a solution
btw as this isn't a "conventional" replay attack as you aren&
ve as hinted
above. Please CC de...@lists.debian.org if there are any questions you
think we could answer.
Best regards
David Kalnischkies
¹ The cagefights are a design decision in the current default resolver,
which is impossible^Whard to change and absolutely not going to happen
any time soon y
o downloading so
we can work on making it "perfect" once from a security standpoint
rather than "so lala"¹ for each individual package manager.
¹ german for "okayish", but with a (stronger) hint of "would not hold
its ground if someone would look closer".
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
support
released apt versions for many years (which also means quite a few are
supported in parallel).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
tput is logged.
The logfile in question is /var/log/apt/term.log .
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
the "pkg" is missing
from them – just don't ask me why as I have no idea ;) )
Assuming this is reproducible. I fear it isn't… (running apt with these
options isn't dangerous or anything if someone wanted to try for longer,
they just make apt super chatty about some things.)
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ign so you are quickly wasting a lot of time (ignoring
all the problems you have while collection the dependencies). From that
short paragraph alone you can guess that this is non-trivial aka not for
stretch. It is in fact basically a new resolver which we get ever so
slightly closer to cleanly
rading perl) as the dependency on libcrack2 is already
satisfied at the start of the upgrade (as its a version before jessie).
As the dependencies of libcrack2 are very lightweight (just libc6 which
is done at that point) it might already work if you artificially require
a stretch-version here (= guess, not tested at all).
Best regards
David Kalnischkies, who is in a love-hate relationship with triggers
signature.asc
Description: PGP signature
now be closed since APT::Move-Autobit-Sections has been implemented.
Implemented in 2015, also not in effect for aptitude if not explicitly
duplicated there. Same "solution" as above.
The move happens on the upgrade of the transitional package changing
from whatever-section to
some details on what to do instead and how to
achieve compatibility with "old" and "new" po4a.
Thanks Martin for picking up po4a development btw even if the timing is
a bit unfortunate for (accidental?) uploads to unstable…
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
haven't proxy environment variables ("export | grep
-i proxy") or similar such interfering.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
(different) warning would both be annoying (for
the deliberate choice user) as well as not really helpful for the
unsuspecting user… but perhaps no by-choice user exist… mhhh.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
-- /etc/apt/sources.list --
mhhh. That file doesn't include the backports.org source you mentioned
earlier. I take it that you have dropped:
> # Put local repository definitions into /etc/apt/sources.list.d/local-*
It would be a good idea to make a note about that next time.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
tter to get that huge diff out of the way first and deal
with these minor things later. We^WJulian will do as you prefer. ;P
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
feature, too].
> > Remember we're talking about adding extra repositories with custom d-i
> > configuration, so I'm fine with people having broken stuff because they
> > pasted a whole mail…
>
> agreed, we can expect these folks to get the details right.
For the same reason I wouldn't worry too much about people using *.asc
files with binary format contents and vice versa to be honest.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
as simple as dying/faulty memory? apt & dpkg have a tendency
to show hardware issues as they are more demanding than most apps…
If someone could replicate that system and run the update for real that
would probably shine more light on the issue – unreproducible for me
until then.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
we don't
react to the window change 'instantly'…
I have no immediate idea at least but with my mentioned commit we
are at least back to a pre-beta3 state which seemed to have worked for
a while now… (unsurprisingly, I couldn't reproduce the problem in a few
test runs bef
"your" solution. There is no "temp" hold at the moment apart
from asking apt to install a package already installed, but that might
be added some time in the future.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
So, with that in mind and given that even the reporter can't reproduce
it the bugreport as such seems rather unactionable - tagging as such.
Best regards
David Kalnischkies
[1] https://en.wikipedia.org/wiki/Bus_error
signature.asc
Description: PGP signature
unhelpful), will use different circuits for different
sources and stuff.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
On Sat, Dec 31, 2016 at 01:25:33AM +, Ian Jackson wrote:
> David Kalnischkies writes ("Re: Bug#848194: Want way to get Release (or
> InRelease) file from cache"):
> > On Mon, Dec 19, 2016 at 01:18:13AM +, Ian Jackson wrote:
> > > I get a sense of puzzlement
On Tue, Jan 03, 2017 at 10:29:19AM +0100, Olaf van der Spek wrote:
> 2016-12-25 13:12 GMT+01:00 David Kalnischkies :
> >> Can't it detect mariadb-server-10.1 being a proper upgrade of
> >> mariadb-server-10.0 and hence scoring this as neutral or positive?
> >
>
xample code I gave all these situations will
produce a line and you can let it give you any info available in the
Release file – I would suggest looking at the output of the command and
the documentation in /usr/share/doc/apt-doc/acquire-additional-files.txt
> part I have to use `apt-cache madison' or `apt show' for. `apt show'
> contains an `APT-Sources' line which I could presumably correlate with
> indextargets.
Don't use 'apt' in scripts. And as said above all info is available
anyhow so you don't need to correlate anything.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
o: As this is adding a non-trivial amount of code to a much beloved
and very important feature it would be in your best interest to add
some very basic tests for this [for you] obviously very important
behaviour² so future incarnations do not (re)break reproducibility of
moo. You may add them to
fi" but that would really need someone to verify
that this has the intended result (and is available in your setup).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
omething can be said about having the
other test named 'run-tests' …).
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
of
systems always carries a risk of activating also bugs with it.
The very nature of the option makes it also particularily hard to test
– apt itself hasn't a single test covering this option.
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
as an upgrade is based on your knowledge of mariadb
and how it (incompatibly!) changes in each new version: For apt it looks
like the package 'default-texteditor' changed its depends from 'vim' to
'emacs' [actually worse than that as those two are co-installable] and
that isn't an upgrade! ;)
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
ed-By: Sources" --format='$(FILENAME) $(CODENAME)
$(SUITE)' | while read file codename suite; do
| if /usr/lib/apt/apt-helper cat-file "$file" | grep-dctrl -q -PX apt -a -F
Version -X '1.4~beta2'; then
| echo "FOUND in: $codename ($suite) $file";
| fi
| done
Best regards
David Kalnischkies
signature.asc
Description: PGP signature
earch for keywords /after/ fixing something, but I am never
looking for something to fix as the influx of new ones is more than
enough…
Best regards
David Kalnischkies
[0] Its maintained of course: If there are bugs we might end up fixing
them eventually – but its the same with the 600 other bugs in src
201 - 300 of 1111 matches
Mail list logo
