It seems the immediate crash was caused by gnome-shell trying to do
execmem, I guess some JavaScript JIT thing. After enabling the
allow_execmem boolean, gnome-shell no longer crashes.
I am not sure how, but it would be good to have better out-of-the-box
experience with SELinux on desktop
Package: selinux-policy-default
Version: 2:2.20221101-9
Severity: important
Dear Maintainer,
I am fully aware that selinux is not really considered a first class
citizen in Debian, especially in graphical desktop use cases. Never
had any trouble with AppArmor and I've had moderate success with
Package: evolution
Version: 3.46.4-2
Severity: normal
X-Debbugs-Cc: none, Henrik Ahlgren
Not sure if this bugs belongs to evolution or libgtk-3-0 package, but I
mostly see this with Evolution (randomly also with LibreOffice?), so I
don't think it's a Gtk bug affecting all software.
Consider
In a fresh install of bookworm with GNOME desktop, the problem of
ssh-add -D not removing ed25519 keys still remains in 2023. When
investigating this, I noticed that in the default configuration, there
are at least FIVE separate SSH agent processes running:
1. gnome-keyring-daemon process (the
Same thing here with an AMD Ryzen 5 PRO 3400G system.
Also gnome-shell have been complaining about "Failed to set CRTC gamma:
drmModeCrtcSetGamma on CRTC 62 failed: Permission denied" for some time. I
don't know what is CRTC 62, but clearly it is related.
The error message with version 1.4.5-3 in bullseye is slightly
different, but colord-sane still outputs nasty errors with high
severity to the system log when connecting and disconnecting USB
storage devices:
Feb 17 20:40:23 zanshin colord-sane[205757]: io/hpmud/musb.c 2101:
Invalid usb_open:
In addition to the description being very much outdated and misleading
and confusing, it does not help that the upstream homepage in package
metadata https://projects.gnome.org/gnome-power-manager/ is now 404.
Henrik
Any possibility the whole /etc/xdg/autostart/hplip-systray.desktop file
could be dropped from future versions if it does not work at all?
The "No system tray detected on this system." error dialog every user
gets when logging in in default GNOME desktop is very annoying.
Please fix this issue
Is the netdev group really obsolete? It seems to me that at least
network-manager, wpasupplicant and avahi-daemon rely on it (for
dbus.1/polkit-1). All packages add the group in .postinst.
Like with most of these old groups, the name is not optimal: it does
not really deal with "devices". Only
reassign 972052 base-passwd
retitle 972052 base-passwd: cups does not run as cupsys:lp
thanks
My bad, wrong package.
Package: cups-daemon
Version: 2.2.10-6+deb10u3
Severity: normal
The cupsys group was added to users-and-groups in 2005 (#290237). I
don't remember if cups used to run as such user back then, but now it
(very unfortunately) runs as root, and no such user is present in
the system. This is at least
I still feel sudo is such an important group, that it would be good if
users-and-groups.txt would be further improved to more clearly document
that this group is what allows users to not only run commands with sudo
and pkexec, but also execute various other polkit-1 actions like
install software
I believe using dh_usrlocal(1) debhelper should do this automatically.
Manpage:
If a directory is owned by root:root, then ownership will be determined
at install time. The ownership and permission bits will either be
root:root mode 0755 or root:staff mode 02775. The actual choice depends
on
I've always found it bit weird and confusing that the first user
created during installation by d-i is "special" and belongs to a number
of groups that apparently are mostly unecessary in the modern world.
However, when you add a new user using the command line
(useradd/adduser), or the GNOME
Upgrading from Jessie to Stretch with apparmor enabled seems to fail:
Setting up mariadb-server-10.1 (10.1.26-0+deb9u1) ...
Installing new version of config
file /etc/apparmor.d/usr.sbin.mysqld ...
Installing new version of config file /etc/init.d/mysql ...
Package: certbot
Version: 0.10.2-1~bpo8+1
Severity: normal
Certbog logs to /var/log/letsencrypt.log using DEBUG as the default
log level. It rotates the log on each invocation, i.e. (at least)
daily. If I understand correctly (main.py:setup_log_file_handler),
1000 log files are retained.
On my
Yes, the test case you described works as expected, but have you tried
this:
- Start onionshare GUI
- Add a file
- Uncheck the "Stop server automatically" setting
- Click "Start server" and wait for the server to come up
- Download the file using Tor Browser
- Select "New tor circuit for this
F1 works in many terminals (e.g. plain xterm), but in GNOME it opens the
help window, unless the shortcut is disabled.
It would be useful if simple "1", "2", etc. would work instead of
function keys.
Oops, sorry about my brainfart. Of course it does not shut down the
onion service in case I only download the HTML download page (using
wget), but not the payload itself. After downloading "/download",
onionshare says "Closing automatically because download finished" and
the hidden service is gone
Package: onionshare
Version: 0.6-3
Severity: important
Manual page reads:
"OnionShare's default behaviour is to shut down the hidden service and
to stop once the file has been downloaded. You can prevent this
behaviour by invoking the --stay-open option. This can be useful if
you want multiple
I disagree that this issue is not serious since there is a
workaround. If the cache needs to be deleted every time you want to
access your email, it basically makes the program unusable as an IMAP
client. Also, sometimes certain emails do not appear in the inbox even
after deleting the cache. They
I believe this has been fixed since GNU tar 1.24.
>From NEWS:
** Symbolic link attributes
When extracting symbolic links, tar now restores attributes such as
last-modified time and link permissions, if the operating system
supports this. For example, recent versions of the Linux kernel
support
Package: apt-show-versions
Version: 0.22.4
Severity: wishlist
If a strict umask in effect during cache file initialization,
apt-show-versions creates the files without read permissions for
normal users.
If a non-root user runs apt-show-versions, this happens:
can't open
If support for MP3 is not enabled (due to licensing/patent issues
perhaps?), what is the point of shipping all the files
in /usr/share/scratch/Media/Sounds? They just waste disk space.
The file selection dialog does not even indicate file type (mp3/wav), so
the user experience is frustrating
Package: macchanger
Version: 1.7.0-5.3
Severity: wishlist
Dear Maintainer,
ifupdown.sh logs to /var/log/macchanger.log simply by redirecting the
output of macchanger and few echo commands. This means no timestamps
are written to the log, making it difficult to debug problems.
Please consider
Package: electrum
Version: 2.5.4-2
Severity: minor
Dear Maintainer,
1.9.8-4 (jessie) had the application icon installed in rather strange
location but it worked just fine:
/usr/share/app-install/icons/electrum.png
Version 2.5.4 does not appear to ship an icon file at all. However it
says
This issue seems to only affect export to XML. Export to text file
defaults to "All Files" in the file selection dialog, where XML
defaults to *.xml. Otherwise the source code looks pretty similar for
both:
Export_KeePassX_Xml.cpp:
bool Export_KeePassX_Xml::exportDatabase(QWidget*
severity 791858 grave
tags 791858 security
thanks
How come this bug has not been marked as a pretty severe security issue?
Just accessing a menu item, but canceling the export operation by
hitting Esc or clicking Cancel silently creates a hidden (dotfile)
cleartext copy of all of the user's
Tags: patch
When AuFin is called with errno = 0, error_at_line(3) does not exit. The
attached patch sets errno to EINVAL following the pattern in most
other similar error checks in aufs-tools.
With this change auplink / flush outputs the following error
message and exists without segfaulting:
On Thu, Dec 04, 2014 at 09:56:18AM +0100, intrigeri wrote:
If I remove that line, then the system Tor daemon fails to start here
with:
[notice] Tor v0.2.5.10 (git-43a5f3d91e726291) running on Linux with Libevent
2.0.21-stable, OpenSSL 1.0.1j and Zlib 1.
[notice] Read configuration file
Package: tor
Version: 0.2.5.10-1
Severity: normal
Please consider removing the line
#include abstractions/nameservice
from /etc/apparmor.d/abstractions/tor. In my testing tor seems to
function just fine without it; I haven't seen any errors reported to
audit.log or tor's own log. The
Package: git-annex
Version: 5.20140831+b1
Severity: important
Tags: upstream
It is not really a common nor good practice, but sometimes users have
their $HOME (dotfiles mostly) directly under git version control,
i.e. ~/.git exists and ~ is the git working directory. Usually most
files are
On Tue, Aug 20, 2013 at 11:32:16PM -0700, Larry Doolittle wrote:
I have not found this stanza anywhere in a Mozilla version control
repository (I know git, but I don't claim to be a GitHub or Mozilla
expert), so I don't know what its historical context is. Wikipedia
tells me FireFox 17 ESR
Package: git-annex
Version: 3.20120629
Severity: normal
Dear Maintainer,
The annex-fsck command appears to think some files are bad, even though
there appears to be nothing wrong with them.
What I did: I ran git annex fsck on two separate annex repositories (on the
same machine), both
After investigating a bit further, I noticed that a common thing with
the files that fail the consistency check is that their names contains
multiple dots, e.g. Fanni Joulukortti 2006.psd.gz and
16.01.1997-15.02.1997.pdf, something.tar.gz. The annex file
contain two parts of the filename, e.g.
Apologies--I did not read the changelog of more recent git-annex
versions before reporting this bug, and I did not find any previous
bug reports concerning this in BTS.
I just noticed that this issue has already been fixed in version
3.20120825. Also, I forgot to mention that the repositories in
On Mon, Apr 08, 2013 at 12:53:52PM -0400, Joey Hess wrote:
mv .git/annex/bad .
git annex add bad
rm -rf bad
Can you please explain how that should work? When I run that, it looks
like git-annex just thinks I want to add new files, and git status
reports this:
# On branch master
# Changes to
On Thu, Feb 21, 2013 at 04:57:00PM +0100, Vincent Lefevre wrote:
No, I don't have the choice. Or is this something in the preferences?
But Iceweasel normally lets the user choose by default.
Edit. Preferences. Applications. Portable Document Format (PDF).
Change from Preview in Iceweasel to
On Thu, Feb 21, 2013 at 06:40:33PM +0100, Vincent Lefevre wrote:
OK, but it was Always ask with Iceweasel 18! An upgrade must
preserve the preferences chosen by the user! That may be a RC bug:
local changes must be preserved during a package upgrade.
AFAIK the built-in viewer is the default
it in Wheezy.
Best regards,
Henrik Ahlgren
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: libcap2
Version: 1:2.22-1.2
Severity: important
Tags: upstream
Dear Maintainer,
The libcap2 source tree contains a copy of the header file
linux/capability.h that is from an older kernel version and
is missing the capability CAP_WAKE_ALARM (35).
This causes e.g. lxc-start to fail when
Package: selinux-policy-default
Version: 2:0.2.20100524-7+squeeze1
Severity: normal
While trying to use the mozilla.debian.net version of iceweasel (15.0)
with selinux in enforcing mode, it crashes with segmentation fault.
If iceweasel is running when I run setenforce 1, it crashes immediately,
It took me a fair amount of time to understand that modules only get
loaded at the time selinux-policy-default is installed, by the
postinst Perl script where there is a hardcoded mapping between
currently installed packages and the corresponding selinux modules.
With similar Debian machines
When I log in, as a normal user, to a Debian Squeeze system using the
standard Gnome display manager/login (which I believe is gdm3), id -Z
reports system_u:system_r:initrc_t:s0 as the context. If I log in to
the same machine from a text virtual console (Alt-Ctrl-F1), the context
is
44 matches
Mail list logo