Bug#799405: python-dmidecode: FTBFS: /usr/bin/ld: cannot find -lxml2mod

[Sandro Tosi]

On Fri, Sep 18, 2015 at 9:22 PM, Chris Lamb  wrote:
>   -L/usr/lib/python2.7/dist-packages -L/usr/lib/pymodules/python2.7
>   -lxml2 -lxml2mod -o build/lib.linux-x86_64-2.7/dmidecodemod.so
>   /usr/bin/ld: cannot find -lxml2mod

I cant reproduce it (ha!), are you able to?

Regards,
-- 
Sandro "morph" Tosi
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi

Bug#806634: Please split Deps and Build-Deps onto single lines

[Guido Günther]

Source: nss
Version: 2:3.21-1
Severity: wishlist
Tags: patch

Hi,
as discussed on the debian-lts list I'm currently looking into using the
same nss version in all currently supporte suites. To ease backporting
it would be great to have the build-deps split as in the attached patch
so it's easy to see in the diff what versions where changed.

I have a temporary repo at:

https://github.com/agx/nss-debian

in case you prefer to cherry-pick.

Cheers,
 -- Guido
>From e1944bf1aae1a3f7626ee76c7d3b2e6d4991cb05 Mon Sep 17 00:00:00 2001
Message-Id: 
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Sat, 28 Nov 2015 15:40:02 +0100
Subject: [PATCH] Put each {build,}-dependency onto a single line

This eases diffing when backporting
---
 debian/control | 28 +---
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/debian/control b/debian/control
index 498452e..9783672 100644
--- a/debian/control
+++ b/debian/control
@@ -3,7 +3,12 @@ Section: libs
 Priority: optional
 Maintainer: Maintainers of Mozilla-related packages 
 Uploaders: Mike Hommey 
-Build-Depends: debhelper (>= 9.20141010), dpkg-dev (>= 1.17.14), libnspr4-dev (>= 2:4.9.4), zlib1g-dev, libsqlite3-dev (>= 3.3.9), libnss3-tools:native (>= 2:3.19-1-1~) 
+Build-Depends: debhelper (>= 9.20141010),
+ dpkg-dev (>= 1.17.14),
+ libnspr4-dev (>= 2:4.9.4),
+ zlib1g-dev,
+ libsqlite3-dev (>= 3.3.9),
+ libnss3-tools:native (>= 2:3.19-1-1~) 
 Standards-Version: 3.9.6.0
 Homepage: http://www.mozilla.org/projects/security/pki/nss/
 Vcs-Git: https://anonscm.debian.org/git/pkg-mozilla/nss.git
@@ -12,7 +17,8 @@ Vcs-Browser: https://anonscm.debian.org/cgit/pkg-mozilla/nss.git
 Package: libnss3
 Architecture: any
 Pre-Depends: ${misc:Pre-Depends}
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends},
+ ${misc:Depends}
 Conflicts: libnss3-1d (<< 2:3.13.4-2)
 Multi-Arch: ${misc:Multi-Arch}
 Description: Network Security Service libraries
@@ -26,7 +32,8 @@ Section: oldlibs
 Priority: extra
 Architecture: any
 Pre-Depends: ${misc:Pre-Depends}
-Depends: libnss3 (= ${binary:Version}), ${misc:Depends}
+Depends: libnss3 (= ${binary:Version}),
+ ${misc:Depends}
 Multi-Arch: ${misc:Multi-Arch}
 Description: Network Security Service libraries - transitional package
  This is a transitional package to ensure smooth transition of all packages
@@ -35,7 +42,8 @@ Description: Network Security Service libraries - transitional package
 Package: libnss3-tools
 Section: admin
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends},
+ ${misc:Depends}
 Description: Network Security Service tools
  This is a set of tools on top of the Network Security Service libraries.
  This package includes:
@@ -53,7 +61,9 @@ Homepage: http://www.mozilla.org/projects/security/pki/nss/tools/
 Package: libnss3-dev
 Section: libdevel
 Architecture: any
-Depends: ${misc:Depends}, libnss3 (= ${binary:Version}), libnspr4-dev (>= 4.6.6-1)
+Depends: ${misc:Depends},
+ libnss3 (= ${binary:Version}),
+ libnspr4-dev (>= 4.6.6-1)
 Multi-Arch: ${misc:Multi-Arch}
 Description: Development files for the Network Security Service libraries
  This is a set of libraries designed to support cross-platform development
@@ -68,8 +78,12 @@ Package: libnss3-dbg
 Section: debug
 Priority: extra
 Architecture: any
-Depends: ${misc:Depends}, libnss3 (= ${binary:Version}) | libnss3-tools (= ${binary:Version})
-Conflicts: libnss3 (<< ${binary:Version}), libnss3 (>> ${binary:Version}), libnss3-tools (<< ${binary:Version}), libnss3-tools (>> ${binary:Version})
+Depends: ${misc:Depends},
+ libnss3 (= ${binary:Version}) | libnss3-tools (= ${binary:Version})
+Conflicts: libnss3 (<< ${binary:Version}),
+ libnss3 (>> ${binary:Version}),
+ libnss3-tools (<< ${binary:Version}),
+ libnss3-tools (>> ${binary:Version})
 Provides: libnss3-1d-dbg
 Multi-Arch: ${misc:Multi-Arch}
 Description: Debugging symbols for the Network Security Service libraries
-- 
2.6.2

Bug#806608: cjk: FTBFS when built with dpkg-buildpackage -A (mkdir: cannot create directory)

[韓達耐]

Hi Santiago

Thanks for that bug report!  It looks like it doesn't clean up some folder.
Let me try to run your commands on my PC at home this week, and see if I
can replicate it.

Cheers

-- 
Danai

On 30 November 2015 at 00:22, Santiago Vila  wrote:

> Package: src:cjk
> Version: 4.8.4+git20150701-1
> User: sanv...@debian.org
> Usertags: binary-indep
> Severity: important
>
> Dear maintainer:
>
> I tried to build this package with "dpkg-buildpackage -A"
> (i.e. only architecture-independent packages), and it failed:
>
>
> 
> [...]
>  debian/rules build-indep
> dh_testdir
> mkdir build_thaifonts
> (cd build_thaifonts && cp ../utils/thaifont/tools/c90.*
> ../utils/thaifont/tools/*.fontinst
> /usr/share/texlive/texmf-dist/fonts/afm/public/fonts-tlwg/garuda*.afm
> /usr/share/texlive/texmf-dist/fonts/afm/public/fonts-tlwg/norasi*.afm .)
> (cd build_thaifonts && tex norasi-c90.fontinst && tex garuda-c90.fontinst
> && for i in f*.pl; do pltotf $i; done)
> This is TeX, Version 3.14159265 (TeX Live 2015/Debian) (preloaded
> format=tex)
> (./norasi-c90.fontinst
> (/usr/share/texlive/texmf-dist/tex/fontinst/base/fontinst.sty
> No file fontinst.rc.
> ) (./norasi.afm)
> Metrics written on norasi.mtx.
> (./norasi.mtx)
>
> [... snipped ...]
>
> fontinst warning:
> missing glyph `breve' for slot 21 in font `fgdo8z.pl'.
>
> )
> Font written on fgdo8z.pl.
> Font definitions written on c90garuda.fd.
> (/usr/share/texlive/texmf-dist/tex/fontinst/base/finstmsc.sty
> No file finstmsc.rc.
> ) (./c90.etx)
> Encoding vector written on c90.enc.
>  )
> No pages of output.
> Transcript written on garuda-c90.log.
> I had to round some heights by 0.0315008 units.
> I had to round some depths by 0.0345001 units.
> I had to round some heights by 0.0315008 units.
> I had to round some depths by 0.0345001 units.
> I had to round some italic corrections by 0.0010004 units.
> I had to round some heights by 0.0305004 units.
> I had to round some depths by 0.0305004 units.
> I had to round some italic corrections by 0.0010004 units.
> I had to round some heights by 0.0305004 units.
> I had to round some depths by 0.0305004 units.
> I had to round some heights by 0.027 units.
> I had to round some depths by 0.0265007 units.
> I had to round some heights by 0.0290003 units.
> I had to round some depths by 0.0270004 units.
> I had to round some italic corrections by 0.0005007 units.
> I had to round some heights by 0.0305004 units.
> I had to round some depths by 0.0314999 units.
> I had to round some italic corrections by 0.0010004 units.
> I had to round some heights by 0.0314999 units.
> I had to round some depths by 0.0305004 units.
> touch build-indep-stamp
>  fakeroot debian/rules binary-indep
> dh_testdir
> mkdir build_thaifonts
> mkdir: cannot create directory 'build_thaifonts': File exists
> debian/rules:49: recipe for target 'build-indep' failed
> make: *** [build-indep] Error 1
> dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error
> exit status 2
>
> 
>
> Sorry not to have a fix, as I am reporting many bugs similar to
> this one. The common hints are:
>
> * If the only architecture-independent packages are dummy transitional
> ones and they were released with jessie, the easy fix is to drop them
> now.
>
> * When using "dh", it is allowed to use (independently)
> optional targets override_dh_foo-arch and override_dh_foo-indep
> (for several values of "foo").
>
>
> Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
> properly, the package would be suitable to be uploaded in source-only
> form if you wish.
>
> Thanks.
>
>

Bug#805094: add device to create/delete route string

[Samuel Thibault]

Hello,

Olivier Le Brouster, on Sat 14 Nov 2015 18:07:51 +0100, wrote:
> Here is a patch proposal. It adds the openvpn instance device (given in
> the environment) to the create/delete route string.

FTR, patch "dev" submitted to bug #745446 does basically that.

Samuel

Bug#806644: git-annex: can't add files with names >= 127 characters

[Michael Gold]

Package: git-annex
Version: 5.20151116-1

'git annex add' no longer works for filenames of 127 characters or more.
I have longer names in my repository, so it must be a recent regression.
A workaround is to add with a shorter name and use 'git mv'.

$ touch 
PPP
$ git annex add 
PPP
add 
PPP
 
git-annex: 
../../../../.git/annex/objects/Jx/11/SHA1-s0--da39a3ee5e6b4b0d3255bfef95601890afd80709/SHA1-s0--da39a3ee5e6b4b0d3255bfef95601890afd80709:
 createSymbolicLink: invalid argument (File name too long)
failed
git-annex: add: 1 failed
$ touch 
PP
$ git annex add 
PP
$ 

- Michael


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: arm64, mips

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages git-annex depends on:
ii  curl   7.45.0-1+b1
ii  git1:2.6.2-1
ii  libc6  2.19-22
ii  libffi63.2.1-3
ii  libgmp10   2:6.1.0+dfsg-2
ii  libgnutls-deb0-28  3.3.18-1
ii  libgsasl7  1.8.0-8
ii  libidn11   1.32-3
ii  libsqlite3-0   3.9.2-1
ii  libxml22.9.2+zdfsg1-4
ii  openssh-client 1:6.9p1-3
ii  rsync  3.1.1-3
ii  wget   1.17-1
ii  zlib1g 1:1.2.8.dfsg-2+b1

Versions of packages git-annex recommends:
ii  aria2  1.19.0-1
ii  bind9-host 1:9.9.5.dfsg-12+b1
ii  git-remote-gcrypt  0.20130908-7
ii  gnupg  1.4.19-6
ii  lsof   4.89+dfsg-0.1
ii  nocache0.9-2
ii  quvi   0.4.2-2

Versions of packages git-annex suggests:
ii  bup  0.27-1
ii  graphviz 2.38.0-12
pn  libnss-mdns  
pn  tahoe-lafs   

-- no debconf information


signature.asc
Description: PGP signature

Bug#806256: libpam-systemd: log out from a TTY and your X input devices get lost!

[Brian Potkin]

On Sun 29 Nov 2015 at 01:05:44 +0100, Michael Biebl wrote:

> Am 28.11.2015 um 19:23 schrieb Francesco Poli:
> 
> > Please tell me whether you need any further information in order to
> > investigate. Otherwise, please drop the moreinfo tag.
> 
> So far I don't know yet, how I can reproduce the problem. So I'll keep
> the moreinfo tag.

I can reproduce the problem and experience almost the same behaviour as
Francesco. For me, it only happens when X is started on tty1 but Ctrl+D
on any other terminal takes you back to tty1. Usually the GUI is still
displayed but on occasion I have been returned to a screen with just a
portion of the Xorg log on it; the machine itself is still responsive
to X's mouse and keyboard after this.

My experience in step 7) in the first mail isn't quite the same. I get
a screen having a portion of the Xorg log with Ctrl+Alt+F1. The machine
is functional. Any other A-Z key presses end up on the login prompt of
tty2. gpm mouse also pastes to tty2. (Wouldn't this indicate actually
being on tty2 although an Xfce screen is the one visible)?

The machine is an up-to-date testing with Xfce. Using fvwm makes no
difference. Two logs are attached.

Regards,

Brian.



Xorg.0.log.gz
Description: application/gzip


journalctl.log.gz
Description: application/gzip

Bug#806655: libzen: FTBFS when built with dpkg-buildpackage -A (dh_installdocs fails)

[Santiago Vila]

Package: src:libzen
Version: 0.4.32-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --parallel
   dh_testdir -i -O--parallel
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>'
mkdir -p build/
dh_auto_configure -DProject/CMake -Bbuild/
cmake ../Project/CMake -DCMAKE_INSTALL_PREFIX=/usr 
-DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_BUILD_TYPE=None 
-DCMAKE_INSTALL_SYSCONFDIR=/etc -DCMAKE_INSTALL_LOCALSTATEDIR=/var
-- The C compiler identification is GNU 5.2.1
-- The CXX compiler identification is GNU 5.2.1
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works

[... snipped ...]

-- Installing: /<>/debian/tmp/usr/include/ZenLib/Conf_Internal.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/CriticalSection.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Dir.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/File.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/FileName.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Html/Html_Handler.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Html/Html_Request.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Http/Http_Cookies.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Http/Http_Handler.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Http/Http_Request.h
-- Installing: 
/<>/debian/tmp/usr/include/ZenLib/Format/Http/Http_Utils.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/InfoMap.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/MemoryDebug.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/OS_Utils.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/PreComp.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Thread.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Trace.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Translation.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Utils.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/Ztring.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/ZtringList.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/ZtringListList.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/ZtringListListF.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/int128s.h
-- Installing: /<>/debian/tmp/usr/include/ZenLib/int128u.h
-- Installing: 
/<>/debian/tmp/usr/lib/x86_64-linux-gnu/pkgconfig/libzen.pc
-- Installing: 
/<>/debian/tmp/usr/lib/x86_64-linux-gnu/cmake/zenlib/ZenLibConfig.cmake
-- Installing: 
/<>/debian/tmp/usr/lib/x86_64-linux-gnu/cmake/zenlib/ZenLibConfigVersion.cmake
make[2]: Leaving directory '/<>/build'
make[1]: Leaving directory '/<>'
   debian/rules override_dh_installdocs
make[1]: Entering directory '/<>'
dh_installdocs
fromdos debian/*/usr/share/doc/*/*.txt
fromdos: Unable to access file "debian/*/usr/share/doc/*/*.txt".
debian/rules:32: recipe for target 'override_dh_installdocs' failed
make[1]: *** [override_dh_installdocs] Error 1
make[1]: Leaving directory '/<>'
debian/rules:39: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806654: libtool: FTBFS when built with dpkg-buildpackage -A (@include: could not find version.texi)

[Santiago Vila]

Package: src:libtool
Version: 2.4.2-1.11
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
cd doc && makeinfo libtool.texi
libtool.texi:9: @include: could not find version.texi
libtool.texi:27: warning: undefined flag: VERSION
libtool.texi:48: warning: undefined flag: VERSION
libtool.texi:48: warning: undefined flag: UPDATED
libtool.texi:82: warning: undefined flag: VERSION
libtool.texi:553: warning: undefined flag: VERSION
libtool.texi:586: warning: undefined flag: VERSION
libtool.texi:2097: warning: undefined flag: VERSION
debian/rules:153: recipe for target 'build-indep-stamp' failed
make: *** [build-indep-stamp] Error 1
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806653: libtexttools: FTBFS when built with dpkg-buildpackage -A (dh_ada_library fails)

[Santiago Vila]

Package: src:libtexttools
Version: 2.1.0-6
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --with ada-library
   dh_testdir -i
 fakeroot debian/rules binary-indep
dh binary-indep --with ada-library
   debian/rules build-indep
make[1]: Entering directory '/<>'
dh build-indep --with ada-library
   dh_testdir -i
make[1]: Leaving directory '/<>'
   dh_testroot -i
   dh_prep -i
   dh_installdocs -i
   dh_installchangelogs -i
   dh_installexamples -i
   dh_ada_library -i
dh_ada_library: project file "texttools.gpr" not found in 
.::/usr/share/ada/adainclude/
debian/rules:34: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 4
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806669: Please add Marc Fournier as a DM

[Aníbal Monsalve Salazar]

Package: debian-maintainers
Owner: Marc Fournier 

Please add Marc Fournier as a DM.
Changed-By: Anibal Monsalve Salazar 
Date: Sun, 29 Nov 2015 20:45:22 +
BTS: https://bugs.debian.org/FIXME
Comment: Add Marc Fournier as a Debian Maintainer
Agreement: https://lists.debian.org/debian-newmaint/2015/11/msg00015.html
Advocates:
  bzed - https://lists.debian.org/debian-newmaint/2015/11/msg00028.html
  tokkee - https://lists.debian.org/debian-newmaint/2015/11/msg00031.html
KeyCheck:
  pub   4096R/B368A4EB 2011-01-27 [expires: 2016-11-06]
Key fingerprint = 1726 090D D276 E815 07A9  2B18 116F 5E3A B368 A4EB
  uid  Marc Fournier 
  sig! C70218D2 2011-02-09  Frederic Peters 
  sig! 2BEF0A33 2011-02-01  Didier Raboud 
  sig! 02D1BC65 2011-02-07  Peter Van Eynde 
  sig! F3D57033 2011-02-07  Dario Minnucci 
  sig! A74420EF 2011-02-13  Christoph Goehre 
  sig! BAF91EF5 2011-02-23  Gaudenz Steinlin 

  sig! 9F84F4DE 2011-03-19  Iustin Pop 
  sig! E397832F 2011-03-27  Luca Capello 
  sig!3B368A4EB 2011-01-27  Marc Fournier 
  sig!3B368A4EB 2015-11-07  Marc Fournier 
  sig!2   P999BBCC4 2011-02-01  Martin F. Krafft 
  sub   4096R/A6EC05C3 2011-01-27
  sig! B368A4EB 2011-01-27  Marc Fournier 
  .
  Key is OpenPGP version 4 or greater.
  Key has 4096 bits.
  Valid "e" flag, no expiration.
  Valid "s" flag, expires Sun 06 Nov 2016 20:23:56 UTC.
Action: import
Data:
  -BEGIN PGP PUBLIC KEY BLOCK-
  Version: GnuPG v1
  
  mQINBE1B4ssBEACmGu/KsONdSlMlC2kTGbrkkC6Kui1kGYQOYHStjRr3PmJ5Xz9m
  YotIlKAM7ngW6cY4pJsZXpgP82kPXNcFk9Vq0vxFQjV0LiXz1+ahbXD8Sf2Ikpog
  9dDZjmx/xVI1zoIcIQZzUSutORAshOPYG102VZsNtjvDUh8fbk2WGCKWpIKFBUi5
  0Wj+kmgJjJDX4KzIzz0SB/2wZjOy9DMb5Pb07LabSYQTx7hw73WXW99yMtiGmflm
  YDBiPf2h1seikyBEUSCDEu8wVZPD7MpMn8LyxNLyaGAFQAg37qphWvyYufS6zV2c
  WyiWYvMpbe/rnK3Rw0JEVhXaJONljZ8O+I7yq+ad/S/HxS0dVFWozgr3Mj/mukcR
  M7is3O4kmpJrYh7UI2DaNu+CHOwZ7yv+HJjeQ0qhPi261XNYXd1abH0hJ32RHxNN
  YO16xxuXUEBEEtIpkvPO70dNN43PL07a4miFj2LNHtnk+qIz8GLvUvp+yPO7P6xu
  dVpyjtw0NGm1umJpKv0hJh1NOUzq2HYB8jbm6nVLZXRIMx7emajnl4O+O9vj9S1N
  91vwYUM4YD21cVMZstZbCWeU6fhvMHuqIOqT8UFC79FKqLfeLeYpjsgERuW9HD4A
  /sOOLJIQXdqOs+APuVgFoY93++99HvQQXAxsCsWkjr2NEOTih16IS6Zc7wARAQAB
  tB5NYXJjIEZvdXJuaWVyIDxtYXJjQGJsLnVlbS5saT6IRgQQEQIABgUCTU6i5QAK
  CRBp5GJ2T8WeRGnuAKDm/V2p/O3fwt/pVjHrVl+srDvIVgCfW+lGPDtbkm5P/jrX
  EerWO3UNpbaIRgQQEQIABgUCTU/eVgAKCRBJNgs7HfuhZC2DAJ9g5yXtObS2LJiV
  L/x+R2N2TmQaWgCbB4uBVdqDFyR5eAS4/9+u7MFGdy+IRgQQEQIABgUCTVAGCgAK
  CRCNvOfruxnoA2sgAJ4i+tI+R59pOcDID79VUPt+JHVYbwCghdr2Lm+EDdizVLsi
  cMFUaLt8ldmIRgQQEQIABgUCTVB8aQAKCRAwAo0kSBO1/vF8AJ4kFD7ha7/sKJSE
  dj7CfFxyb+kdMwCeK6hSN7RKjk09TIOWrpCUVaVtSUuIRgQQEQIABgUCTVLuVgAK
  CRBzHK/TU8GjL9H/AKDPT5nVTc+JArSTh660pOIaVJoUaACgl31DGcWxD0c3TCMQ
  s29FDRBS0W2IRgQQEQIABgUCTVMU8wAKCRBtC8c6QFgYN8G6AJ4nmii1tZSNp4+g
  uFFZrdmr2XtfQACfYpEX/vjK2fJ+KaNnlycP7CbB3tOIRgQQEQIABgUCTVSBDAAK
  CRAvGtBzKTwF/RnzAJ94iYRhNcAln9h2F5291RtduPaJcACZAQ3A4BLRAQZIaX2b
  t3YHDrCJ4DqIRgQQEQIABgUCTVfLZgAKCRACkJ4akv0Tcv53AJwLjK7goBw8DMSZ
  McQG+8sX0xatzACfVmSd9X7I8+30XHMw6D8XqQmWq3aIRgQQEQIABgUCTVhMDAAK
  CRC+4W4sKn2CIC2wAJ9OTZtzUr/V2sdV+MMoz7UItr03FgCgpwqhWyMkQQ1nVIV6
  11BCDriVIH+IRgQQEQIABgUCTVrvzwAKCRCI5roe/vTdA0zaAJ4/kVexKazhJVVu
  HMKDuzNqEyJOjwCgvqKVJ4z2/GvQBvSW6wEy66xeT/CIRgQQEQIABgUCTVvntwAK
  CRAJWj/uUksJWMkVAKCqUTRo86F7cqVu6ynECGU0fNSAzgCg1arj9Sxi8pfSvn9T
  nHQIo92fSIGIRgQQEQIABgUCTXq0owAKCRCSxL7vWYStu4p8AKCH53bD7ShlxG4D
  Q/t1DMxJuOU3UwCfVgH6T5fux2wRWMbeqU+lsTKNShOIRgQQEQIABgUCTecxpAAK
  CRC3URQJ/BXb7DvhAJ0fJHt/IMxC84dFRKtySL1ysCYgLQCg9spez2d/sv2wONbV
  /uqn5ABgzJyIRgQQEQIABgUCT4UvqQAKCRBW5/+KKEDHCBq1AKCl5MaJzGc0BK7n
  YiGBIguQUWr9kACfTLv4Ulc2QtwU/LxDWMeYRgtqub2IRgQQEQIABgUCT4UvqQAK
  CRBjQvLsvFr2uRq1AJ4yzIRLG9fF6Ik5gDq5QepGk/nFhgCgwZMQ+gSuN4N7aPQG
  KiwQc9kHgm6IRgQQEQgABgUCTUPvJQAKCRCfN6X6TafFRheiAKDMsmoLDdw+QXWf
  clhTmWY0HQHSpwCgqxh4PQS6yyiu4SZXuweR79uT1GSIRgQQEQoABgUCTWRYNAAK
  CRDcWijkjHdAr/teAJ0alc3saGh2wdj4B94FyRdgJQfulgCeIp4AqkCsR3k9igRp
  H5Xm7rSoHSyIRgQREQIABgUCTU/0LQAKCRCa3YdBWqMiVuOiAKCVYzJEqJWTWdpb
  oo/2ad4gvhHnCgCfVhCVsQ8gw1O+yfL7R+/KMHhDyImIRgQSEQIABgUCTVFcQAAK
  CRAjO4pX5Idf+cY3AJ0WG8EBp4mn6n4vYTdwJGyXUlH2XwCdF8t1AMsSK4PoBr8o
  tNd74F6EQBaIRgQSEQIABgUCTVL9vgAKCRDoVmI4sAy1M7MnAJ97E/96RQzMjV3j
  v4Jqh1H5ob3O6QCgyfzp3WxDR4kIuXKGO4/kCytxMySIRgQSEQIABgUCTVj5ngAK
  CRA4enaVfrp1/7/XAKC2NjcK0Nu+AUyx4BkkZJf3OwWL7ACg6EcT4JhCumXVRPaD
  t+BmtZ6jCJKIRgQSEQgABgUCTVBjXQAKCRAyQZt4XQzc/JrNAKCEgX9PzihLXSzH
  ksXbpmvsJQUFUwCgpXLUa1lJiHrShiMZKF+EYhmA5nSIRgQTEQIABgUCTVBi/QAK
  CRAvlRUIquYCLqPqAJ97hMo8BMA3IseysHpeFKZtJ2Ib6wCgswHuRRjAhnOJ8oqR
  fombYLoODkaIRgQTEQIABgUCTVlMewAKCRDugZKm5EPW2Ca4AJ4oLdcPUtYd+0iW
  

Bug#806166: wheezy-pu: package zendframework/1.11.13-1.1+deb7u5

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2015-11-26 at 22:09 -0400, David Prévot wrote:
> Le 26/11/2015 17:23, Adam D. Barratt a écrit :
> > On Tue, 2015-11-24 at 19:16 -0400, David Prévot wrote:
> >> As per #806165 (Jessie pu request), this update aims to fix a security
> >> issue in zendframework:
> 
> > Please go ahead.
> 
> Uploaded and accepted, thanks.

Flagged for acceptance.

Regards,

Adam

Bug#806339: wheezy-pu: package libiptables-parse-perl/1.1-1+deb7u1

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2015-11-26 at 22:38 +0100, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Thu, Nov 26, 2015 at 09:19:04PM +, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Thu, 2015-11-26 at 18:13 +0100, Salvatore Bonaccorso wrote:
> > > libiptables-parse-perl uses temporary files in an unsafe way, this was  
> > > assigned CVE-2015-8326 and already fixed in unstable with the 1.6-1  
> > > upload.  
> > 
> > Please go ahead.
> 
> Thanks here as well! Done.

Flagged for acceptance.

Regards,

Adam

Bug#806338: jessie-pu: package libiptables-parse-perl/1.1-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2015-11-26 at 22:37 +0100, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Thu, Nov 26, 2015 at 09:19:36PM +, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Thu, 2015-11-26 at 18:12 +0100, Salvatore Bonaccorso wrote:
> > > libiptables-parse-perl uses temporary files in an unsafe way, this was
> > > assigned CVE-2015-8326 and already fixed in unstable with the 1.6-1
> > > upload.
> > > 
> > > Attached is a debdiff to fix this issue for jessie. Can you consider
> > > accepting it for the next jessie point release?
> > 
> > Please go ahead.
> 
> Thanks! Done.

Flagged for acceptance.

Regards,

Adam

Bug#806676: ntp: /etc/dhcp/dhclient-exit-hooks.d/ntp incorrectly parses /etc/ntp.conf

[Christoph Anton Mitterer]

Package: ntp
Version: 1:4.2.8p4+dfsg-3+b1
Severity: normal


Hi.

/etc/dhcp/dhclient-exit-hooks.d/ntp parses /etc/ntp.conf and tries to
remove any server and peer stanzas.

- It fails however to remove any such, that have been indented by e.g.
tabs.
- Further, it would remove any other stanzas staring with "server" or
  "peer" should any such be ever supported by ntp

Please replace:
sed -r -e '/^ *(server|peer).*$/d' $NTP_CONF
with
sed '/^[[:space:]]*\(server\|peer\)[[:space:]]/d' $NTP_CONF


Also, it doesn't remove any pool stanzas... not sure if
this should be done or not?
Any ideas?


Cheers,
Chris.

Bug#806644: Fwd: Bug#806644: git-annex: can't add files with names >= 127 characters

[Joey Hess]

When people complain of 127 characters and filesystems, my first thought
is "encfs" and my second thought is an expletive.

-- 
see shy jo


signature.asc
Description: PGP signature

Bug#806632: libsis-base-java: FTBFS when built with dpkg-buildpackage -A (override_dh_auto_test fails)

[Andreas Tille]

Hi,

it seems this is a general FTBFS error since it also fails for normal
builds.  Any hint how to fix this would be welcome.

Kind regards

   Andreas.

On Sun, Nov 29, 2015 at 04:22:57PM +, Santiago Vila wrote:
> Package: src:libsis-base-java
> Version: 14.12.0-1
> User: sanv...@debian.org
> Usertags: binary-indep
> Severity: important
> 
> Dear maintainer:
> 
> I tried to build this package with "dpkg-buildpackage -A"
> (i.e. only architecture-independent packages), and it failed:
> 
> 
> [...]
>  debian/rules build-indep
> dh build-indep --with javahelper
>dh_testdir -i
>debian/rules override_dh_auto_configure
> make[1]: Entering directory '/<>'
> cp debian/build_native/* source/c
> #Needed on Ubuntu 14.04
> touch source/c/NEWS source/c/README source/c/AUTHORS source/c/ChangeLog
> cd source/c && autoreconf -i
> libtoolize: putting auxiliary files in `.'.
> libtoolize: copying file `./ltmain.sh'
> libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and
> 
> [... snipped ...]
> 
> OS: Linux (v3.16.7-ckt11-qemu-amd64)
> Test class: UnixTests
> 
> Running testGetLinkInfoSymLink
> Running testGetLinkInfoSymLinkDanglingLink
> Running testGetLinkInfoNonExistent
> Running testCreateSymbolicLinkNull
> Running testCreateHardLinkNull
> Running testGetLinkInfoHardLink
> Running testGetUid
> Running testGetEuid
> Running testGetGid
> Running testGetEgid
> Running testGetUidForUserName
> Running testGetUidForUserNameNull
> Running testGetGidForGroupName
> Running testGetGidForGroupNameNull
> Running testTryGetGroupByName
> Running testTryGetGroupByNameNull
> Running testTryGetGroupByGid
> Running testTryGetUserByName
> Running testTryGetUserByNameNull
> Running testTryGetUserByUid
> Running testDetectProcess
> Exception in thread "main" java.lang.AssertionError: 
>   at org.testng.AssertJUnit.fail(AssertJUnit.java:59)
>   at org.testng.AssertJUnit.assertTrue(AssertJUnit.java:24)
>   at org.testng.AssertJUnit.assertTrue(AssertJUnit.java:33)
>   at 
> ch.systemsx.cisd.base.unix.UnixTests.testDetectProcess(UnixTests.java:296)
>   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>   at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>   at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>   at java.lang.reflect.Method.invoke(Method.java:606)
>   at ch.systemsx.cisd.base.unix.UnixTests.main(UnixTests.java:323)
>   at ch.systemsx.cisd.base.AllTests.main(AllTests.java:55)
> debian/rules:45: recipe for target 'override_dh_auto_test' failed
> make[1]: *** [override_dh_auto_test] Error 1
> make[1]: Leaving directory '/<>'
> debian/rules:15: recipe for target 'build-indep' failed
> make: *** [build-indep] Error 2
> dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2
> 
> 
> Sorry not to have a fix, as I am reporting many bugs similar to
> this one. The common hints are:
> 
> * If the only architecture-independent packages are dummy transitional
> ones and they were released with jessie, the easy fix is to drop them
> now.
> 
> * When using "dh", it is allowed to use (independently)
> optional targets override_dh_foo-arch and override_dh_foo-indep
> (for several values of "foo").
> 
> 
> Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
> properly, the package would be suitable to be uploaded in source-only
> form if you wish.
> 
> Thanks.
> 
> ___
> Debian-med-packaging mailing list
> debian-med-packag...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
> 

-- 
http://fam-tille.de

Bug#806643: twisted: new upstream release (15.5.0)

[Colin Watson]

Source: twisted
Source-Version: 15.5.0
Severity: wishlist

There's a new upstream release, 15.5.0:

  https://twistedmatrix.com/pipermail/twisted-python/2015-November/029993.html
  https://pypi.python.org/pypi/Twisted/15.5.0

Please could you upgrade?  I'm especially interested in this because of
the conch improvements, which should be one step closer to letting me
turn on conch interoperability testing in openssh's autopkgtests.

Thanks,

-- 
Colin Watson   [cjwat...@debian.org]

Bug#806646: gsl: cannot compile libgsl from source

[Krzysztof Marczak]

Source: gsl
Version: 2.1+dfsg
Severity: normal

Dear Maintainer,

I cannot compile libgsl from source, because configure script gives folowing
error:

config.status: error: cannot find input file: `doc/examples/Makefile.in'

to compile from source I use folowing commands (this how I compiled version
1.16):

1. apt-get source gsl-bin gsl-doc
2. cp -rv gsl-doc-1.16 gsl-2.1+dfsg/doc/
3. cd gsl-2.1+dfsg
4. ./configure
5. cd doc
6. ./configure
7. cd ..
8. make
9. sudo make install

it fails at point 4

Is it correct to compile gsl-2.1 with gsl-doc-1.16? This is probably source of
problem.



-- System Information:
Debian Release: stretch/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#672232: [pkg-dhcp-devel] Bug#672232: Re isc-dhcp-client: method to ignore settings provided by the server

[Michael Gilbert]

control: tag -1 upstream
control: tag -1 -security
control: forwarded -1 ISC bug #35631
control: retitle -1 dhclient adopts dhcp server's settings despite
them not being "request"ed

On Sun, Nov 29, 2015 at 2:42 PM, Christoph Anton Mitterer wrote:
> supersede isn't really of any help here since a) it doesn't seem to
> properly work in all places, and b) one cannot use it do just "unset" a
> server provided value (i.e. using the empty string or so doesn't work).

The syntax may very well be a bit odd, but a few minutes of
intellectual poking with supersede leads to a simple solution for all
of the problems mentioned so far.  That is left as an exercise for the
astute reader.

Please feel free to add the security tag once your request for a CVE
id goes through.  For now, since there are simple workarounds, and
given that this is an upstream design flaw rather than a
Debian-specific issue, further effort on solving it should go there.
Good luck!

Best wishes,
Mike

Bug#806676: [pkg-ntp-maintainers] Bug#806676: ntp: /etc/dhcp/dhclient-exit-hooks.d/ntp incorrectly parses /etc/ntp.conf

[Christoph Anton Mitterer]

On Sun, 2015-11-29 at 23:41 +0100, Kurt Roeckx wrote:
> Yes, I think pool should be treated just like server and peer.
Then obviously
sed '/^[[:space:]]*\(server\|peer\|pool\)[[:space:]]/d' $NTP_CONF

Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature

Bug#672232: [pkg-dhcp-devel] Bug#672232: Re isc-dhcp-client: method to ignore settings provided by the server

[Christoph Anton Mitterer]

On Sun, 2015-11-29 at 17:36 -0500, Michael Gilbert wrote:
> control: tag -1 upstream
> control: tag -1 -security
> control: forwarded -1 ISC bug #35631
> control: retitle -1 dhclient adopts dhcp server's settings despite
> them not being "request"ed
Working with you is always uhm... like Christmas... o.O


> The syntax may very well be a bit odd, but a few minutes of
> intellectual poking with supersede leads to a simple solution for all
> of the problems mentioned so far.  That is left as an exercise for
> the
> astute reader.
The solution can't be to use supersede, as this requires one to
actually set a secure/usable value.

For many there may not be a value which one desires to set (e.g. dns
search)... for others, e.g. ntp-servers the best one could do is to use
localhost, which is however not working either, as software then
actually tries to query NTP at localhost.


> For now, since there are simple workarounds, and
> given that this is an upstream design flaw rather than a
> Debian-specific issue, further effort on solving it should go there.
I never said it's a debian specific bug, but since upstream hides
behind not even having a proper bugtracker its probably pointless to
have one further iteration of pressing there.
Effectively only the distros would be powerful enough to build up the
necessary pressure for upstream to do something.

Given that you're from the security team, I guess removing the security
tag means effectively that the security denies any issue that upstream
doesn't want to deal with to be a security issue.
And further, an attack vector that, as shown above with the expiry of
X509 certs, can be clearly any extremely simply be used isn't
considered worth to be fixed by Debian?

Just simulated that before... set up a local forged NTP server, sent it
via dhcp, when a node in the network reboots at least ntpdate takes
this up and sets any arbitrary date... voila... one can use expired
certs again..


Security-ignorance at it's finest o.O

smime.p7s
Description: S/MIME cryptographic signature

Bug#802848: RFS: gnome-twitch/0.1.0-1 [ITP]

[Tim Dengel]

Hi again,

I just now noticed that the QA information on the mentors site of my
package[0] says that I have no debhelper compatibility level set and
that I don't have a watch file, but both are there in the package I
uploaded. I have no idea what went wrong.
Also, strangely, when I downloaded the package with dget to check if the
files are there, dscverify failed with a GPG error message saying it
couldn't check the signature because the public key "could not be
found", but when I do 'gpg --list-public-keys' it is there. I also
successfully verified the signature with 'gpg --verify
gnome-twitch_0.1.0-2.dsc'.

Output of LANG=C dscverify gnome-twitch_0.1.0-2.dsc :

gnome-twitch_0.1.0-2.dsc:
dscverify: gnome-twitch_0.1.0-2.dsc failed signature check:
gpg: Signature made Sat Nov 28 22:21:30 2015 CET using RSA key ID B39C07E9
gpg: Can't check signature: public key not found
Validation FAILED!!



Output of LANG=C gpg --verify gnome-twitch_0.1.0-2.dsc :

gpg: Signature made Sat Nov 28 22:21:30 2015 CET using RSA key ID B39C07E9
gpg: Good signature from "Tim Dengel "


[0] https://mentors.debian.net/package/gnome-twitch

--
Tim

Bug#806641: josm: Plugins geotools and cadastre-fr are not loaded

[MLHPUB]

Package: josm
Version: 0.0.svn7643+dfsg1-1
Severity: normal

Dear Maintainer,

Launching JOSM, already used following plugin are not loaded :

Geotools : version 31774
Cadastre-fr : 31772

These 2 are up to date.

I can't tell when this problem appeared because I am only occasionnal user.

Unfortunately, my friend Google couldn't help me...

Thanks !

Matt



-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages josm depends on:
ii  ant  1.9.4-3
ii  default-jre  2:1.7-52
ii  fonts-droid  1:4.4.4r2-6
ii  jmapviewer   1.03+dfsg-2
ii  libandroid-json-org-java 20121204-20090211-1
ii  libcommons-codec-java1.9-1
ii  libgettext-commons-java  0.9.6-2
ii  libmetadata-extractor-java   2.6.4-2
ii  liboauth-signpost-java   1.2.1.2-1.2
ii  libsvgsalamander-java0~svn95-1
ii  openstreetmap-map-icons-classic  1:0.0.svn30763-1

Versions of packages josm recommends:
ii  josm-l10n 0.0.svn7643+dfsg1-1
ii  josm-plugins  0.0.svn30763+ds1-1
ii  webkit-image-gtk  0.0.svn25399-3

josm suggests no packages.

-- no debconf information

Bug#802848: RFS: gnome-twitch/0.1.0-1 [ITP]

[Tim Dengel]

Hi again,

I just now noticed that the QA information on the mentors site of my
package[0] says that I have no debhelper compatibility level set and
that I don't have a watch file, but both are there in the package I
uploaded. I have no idea what went wrong.
Also, strangely, when I downloaded the package with dget to check if the
files are there, dscverify failed with a GPG error message saying it
couldn't check the signature because the public key "could not be
found", but when I do 'gpg --list-public-keys' it is there. I also
successfully verified the signature with 'gpg --verify
gnome-twitch_0.1.0-2.dsc'.

Output of LANG=C dscverify gnome-twitch_0.1.0-2.dsc :

gnome-twitch_0.1.0-2.dsc:
dscverify: gnome-twitch_0.1.0-2.dsc failed signature check:
gpg: Signature made Sat Nov 28 22:21:30 2015 CET using RSA key ID B39C07E9
gpg: Can't check signature: public key not found
Validation FAILED!!



Output of LANG=C gpg --verify gnome-twitch_0.1.0-2.dsc :

gpg: Signature made Sat Nov 28 22:21:30 2015 CET using RSA key ID B39C07E9
gpg: Good signature from "Tim Dengel "


[0] https://mentors.debian.net/package/gnome-twitch

--
Tim

Bug#806612: [Debichem-devel] Bug#806612: cp2k: FTBFS when built with dpkg-buildpackage -A (different version of GNU Fortran)

[Michael Banck]

Hi,

On Sun, Nov 29, 2015 at 07:06:51PM +0100, Santiago Vila wrote:
> On Sun, Nov 29, 2015 at 06:53:24PM +0100, Michael Banck wrote:
> > Hi Santiago,
> > 
> > On Sun, Nov 29, 2015 at 04:22:14PM +, Santiago Vila wrote:
> > > Package: src:cp2k
> > > Version: 2.6.1-2
> > > User: sanv...@debian.org
> > > Usertags: binary-indep
> > > Severity: important
> > > 
> > > Dear maintainer:
> > > 
> > > I tried to build this package with "dpkg-buildpackage -A"
> > > (i.e. only architecture-independent packages), and it failed:
> > 
> > which architecture was this on?
> 
> amd64 on testing (stretch).
 
Ah, ok, makes sense.

> This could be a compiler bug which is fixed in unstable, but it could
> be also a badly done transition (which includes not doing a transition
> when a transition was required).
> 
> Even if your package is not directly to blame, I think it is important
> to know how this happened and ensure that it will be fixed.

I think the reason is that testing now has gfortran-5.2, and the elpa
package in testing has not been rebuilt with it since.  There was an
elpa upload recently, but as it FTBFS on a few arches, it hasn't
migrated yet.

So hrm, not exactly sure what to do about it.


Michael

Bug#682369: iceweasel: Tough cookie

[Ian Zimmerman]

And now something new: in this version of iceweasel (38.4.0), this is
now happening in safe mode.  May be a different bug; I no longer use
Noscript so I cannot retest the original situation.  But try the URL
below.

URL: https://iccf.com/

-- 
Please *no* private copies of mailing list or newsgroup messages.
Rule 420: All persons more than eight miles high to leave the court.

Bug#785190: new upstream (6.8p1)

[Colin Watson]

On Thu, Aug 20, 2015 at 12:49:19AM +0100, Colin Watson wrote:
> I owe you an explanation for that, but it was a bit too verbose for the
> changelog.  The main reason is that Twisted Conch does not support SHA-2
> or other cryptographic improvements that OpenSSH 7.0p1 now requires.
> Here are some relevant bugs:
> 
>   https://twistedmatrix.com/trac/ticket/5350
>   https://twistedmatrix.com/trac/ticket/7672
>   https://twistedmatrix.com/trac/ticket/7717

Twisted 15.5.0 was released today and contains enough of this to allow
interoperation with OpenSSH 7.1p1, so I'm preparing a belated upload
now.

> so I plan to work on this very soon and in any event promise now that
> Debian jessie will release with OpenSSH >= 7.0p1.

Lacking a time machine, I obviously meant Debian stretch here. :-)

-- 
Colin Watson   [cjwat...@debian.org]

Bug#806636: goplay: diff for NMU version 0.9.1+nmu1

[Julian Andres Klode]

Package: goplay
Version: 0.9.1
Severity: normal
Tags: patch pending

Dear maintainer,

I've prepared an NMU for goplay (versioned as 0.9.1+nmu1) and
uploaded it, in order to finish the APT transition.

Regards.

-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to (`inline'). Thank you.
diff -Nru goplay-0.9.1/debian/changelog goplay-0.9.1+nmu1/debian/changelog
--- goplay-0.9.1/debian/changelog	2015-10-28 13:56:32.0 +0100
+++ goplay-0.9.1+nmu1/debian/changelog	2015-11-29 17:52:34.0 +0100
@@ -1,3 +1,11 @@
+goplay (0.9.1+nmu1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with C++11 mode to build with libept 1.1
+  * Link to libwibble and libtagcoll2
+
+ -- Julian Andres Klode   Sun, 29 Nov 2015 17:52:33 +0100
+
 goplay (0.9.1) unstable; urgency=medium
 
   * Team upload.
diff -Nru goplay-0.9.1/debian/rules goplay-0.9.1+nmu1/debian/rules
--- goplay-0.9.1/debian/rules	2015-10-28 13:56:32.0 +0100
+++ goplay-0.9.1+nmu1/debian/rules	2015-11-29 16:35:21.0 +0100
@@ -7,6 +7,9 @@
 export DEB_BUILD_MAINT_OPTIONS=hardening=-fortify
 $(info DEB_BUILD_MAINT_OPTIONS:$(origin DEB_BUILD_MAINT_OPTIONS)=$(DEB_BUILD_MAINT_OPTIONS))
 
+# libept 1.1 requires C++11 mode
+export DEB_CXXFLAGS_MAINT_APPEND := -std=c++11
+
 %:
 	dh $@ --with autoreconf
 
diff -Nru goplay-0.9.1/src/Makefile.am goplay-0.9.1+nmu1/src/Makefile.am
--- goplay-0.9.1/src/Makefile.am	2015-10-28 13:56:32.0 +0100
+++ goplay-0.9.1+nmu1/src/Makefile.am	2015-11-29 16:38:22.0 +0100
@@ -37,10 +37,12 @@
 	`curl-config --libs`
 goplay_LDADD = \
 	../libxdgutils/libxdgutils.a \
-	$(LIBEPT_LIBS)
+	$(LIBEPT_LIBS) \
+	$(LIBWIBBLE_LIBS) \
+	$(LIBTAGCOLL2_LIBS)
 
 manpage_SOURCES = manpage.cpp
-manpage_LDADD = $(LIBEPT_LIBS)
+manpage_LDADD = $(LIBEPT_LIBS) $(LIBWIBBLE_LIBS) $(LIBTAGCOLL2_LIBS)
 
 ui.h ui.cpp: ui.fld
 	fluid -c -o ui.cpp -h ui.h ui.fld

Bug#806640: jessie-pu: package gummi/0.6.5-3+deb8u1

[Daniel Stender]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hello release team,

I propose an update of Gummi in Jessie.

The applied patch is a fix of security problem CVE 2015-7758 [1].

The security team marked this issue as minor/no-DSA [2], so I would upload
it to stable as proposed update.

Please see the attached debdiff for details of changes. I've build the
package against stable [3].

Thank you,
Daniel Stender

[1] https://bugs.debian.org/756432

[2] https://security-tracker.debian.org/tracker/source-package/gummi

[3] 
http://www.danielstender.com/buildlogs/gummi_0.6.5-3+deb8u1_amd64-20151129-1811.build

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru gummi-0.6.5/debian/changelog gummi-0.6.5/debian/changelog
--- gummi-0.6.5/debian/changelog	2014-02-10 00:51:22.0 +0100
+++ gummi-0.6.5/debian/changelog	2015-11-29 18:07:36.0 +0100
@@ -1,3 +1,9 @@
+gummi (0.6.5-3+deb8u1) stable; urgency=medium
+
+  * Added no-predictable-tmpfiles.patch, fix of CVE 2015-7758 (Closes: #756432).
+
+ -- Daniel Stender <deb...@danielstender.com>  Sun, 29 Nov 2015 18:07:12 +0100
+
 gummi (0.6.5-3) unstable; urgency=low
 
   * Fix "FTBFS: automake errors":
diff -Nru gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch
--- gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch	1970-01-01 01:00:00.0 +0100
+++ gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch	2015-11-29 16:30:54.0 +0100
@@ -0,0 +1,39 @@
+Description: don't generate predictable tmpfile names if filename is given
+ Quick fix for CVE-2015-7758 (#756432).
+Author: Daniel Stender <deb...@danielstender.com>
+Bug: https://bugs.debian.org/756432
+Forwarded: https://github.com/alexandervdm/gummi/issues/20
+Last-Update: 2015-11-29
+
+--- a/src/editor.c
 b/src/editor.c
+@@ -204,10 +204,9 @@
+ gchar* base = g_path_get_basename (filename);
+ gchar* dir = g_path_get_dirname (filename);
+ ec->filename = g_strdup (filename);
+-ec->basename = g_strdup_printf ("%s%c.%s", dir, G_DIR_SEPARATOR, base);
+-ec->workfile = g_strdup_printf ("%s.swp", ec->basename);
+-ec->pdffile =  g_strdup_printf ("%s%c.%s.pdf", C_TMPDIR,
+-   G_DIR_SEPARATOR, base);
++ec->basename = g_strdup (ec->fdname);
++ec->workfile = g_strdup (ec->fdname);
++ec->pdffile =  g_strdup_printf ("%s.pdf", ec->fdname);
+ g_free (base);
+ g_free (dir);
+ } else {
+@@ -237,12 +236,9 @@
+ if (ec->filename) {
+ gchar* dirname = g_path_get_dirname (ec->filename);
+ gchar* basename = g_path_get_basename (ec->filename);
+-auxfile = g_strdup_printf ("%s%c.%s.aux", C_TMPDIR,
+-G_DIR_SEPARATOR, basename);
+-logfile = g_strdup_printf ("%s%c.%s.log", C_TMPDIR,
+-G_DIR_SEPARATOR, basename);
+-syncfile = g_strdup_printf ("%s%c.%s.synctex.gz", C_TMPDIR,
+-G_DIR_SEPARATOR, basename);
++auxfile = g_strdup_printf ("%s.aux", ec->fdname);
++logfile = g_strdup_printf ("%s.log", ec->fdname);
++syncfile = g_strdup_printf ("%s.synctex.gz", ec->fdname);
+ g_free (basename);
+ g_free (dirname);
+ } else {
diff -Nru gummi-0.6.5/debian/patches/series gummi-0.6.5/debian/patches/series
--- gummi-0.6.5/debian/patches/series	2014-02-10 00:48:38.0 +0100
+++ gummi-0.6.5/debian/patches/series	2015-11-29 16:31:22.0 +0100
@@ -1,3 +1,4 @@
 gummi.desktop.patch
 automake-subdirs.patch
 libgthread-2.0_link.patch
+no-predictable-tmpfiles.patch

Bug#806569: libgnupg-interface-perl: Breaks devotee

[Kurt Roeckx]

So I used this patch and everything seems to work now:
https://anonscm.debian.org/cgit/users/kroeckx/devotee.git/commit/?id=8049a3792be7330c2ed493154e2fcc05f01d32c2


Kurt

Bug#781938: RFS: vid.stab/0.98b-1

[Vincent Pinon]

Hello,

One month  later, I still haven't forgotten that task, sorry for the delay ;)
new upload here:
http://mentors.debian.net/package/vid.stab

Le mardi 27 octobre 2015, 00:16:57 Andreas Cadhalpun a écrit :
[snip]
>  * d/control:
> - 'Priority: optional' not extra
> - packages should be 'Multi-Arch: same'
>  * d/copyright: misses copyright of 'Alexey Osipov'
Done, thanks for guidance!

> The tests could be run e.g. with:
> cd tests; cmake .; make all; ./tests
> However, the return code is wrong [2].
I included your patch, but I'm not sure how to add & run test target in 
debian/rules.
This might go into future improvements, with the runtime loading of SSE on 
i386? (Felipe's suggestion)

I don't know if this packaging activity is worth versioning on alioth, as 
upstream doesn't seem to evolve any/much more?
If yes anyway, am I allowed to initialize a git repo?

Many thanks again,
Cheers,

Vincent.

signature.asc
Description: This is a digitally signed message part.

Bug#806324: qgis: FTBFS on testing (unrecognized relocation in linking stage)

[Olivier MATZ]

Hello,

I confirm Yorik's analysis: I have the same issue while compiling
Freecad from mainstream sources on my testing.

I downgraded the following packages to these versions:

libqt4-dbus_4.8.7+dfsg-3_amd64.deb
libqt4-declarative_4.8.7+dfsg-3_amd64.deb
libqt4-designer_4.8.7+dfsg-3_amd64.deb
libqt4-dev_4.8.7+dfsg-3_amd64.deb
libqt4-dev-bin_4.8.7+dfsg-3_amd64.deb
libqt4-help_4.8.7+dfsg-3_amd64.deb
libqt4-network_4.8.7+dfsg-3_amd64.deb
libqt4-qt3support_4.8.7+dfsg-3_amd64.deb
libqt4-script_4.8.7+dfsg-3_amd64.deb
libqt4-scripttools_4.8.7+dfsg-3_amd64.deb
libqt4-sql_4.8.7+dfsg-3_amd64.deb
libqt4-svg_4.8.7+dfsg-3_amd64.deb
libqt4-test_4.8.7+dfsg-3_amd64.deb
libqt4-xml_4.8.7+dfsg-3_amd64.deb
libqt4-xmlpatterns_4.8.7+dfsg-3_amd64.deb
libqtcore4_4.8.7+dfsg-3_amd64.deb
libqtdbus4_4.8.7+dfsg-3_amd64.deb
libqtgui4_4.8.7+dfsg-3_amd64.deb
qdbus_4.8.7+dfsg-3_amd64.deb
qt4-linguist-tools_4.8.7+dfsg-3_amd64.deb
qt4-qmake_4.8.7+dfsg-3_amd64.deb

And after that the build worked.

Regard,
Olivier

Bug#805710: nfs-common: NFS mounts don't work because nfs-common starts before rpcbind.service

[Laurent Bigonville]

On Sat, 21 Nov 2015 08:38:09 +0100 =?utf-8?q?Michal_Ka=C5=A1par?= 
 wrote:

> Dear Maintainer,

Hi,

> NFS mounts don't work on systemd enabled systems because nfs-common is
> started before rpcbind. If nfs-common is restarted after boot, the
> mounts start to work fine. In log files I see:
> nfs-common[1301]: Not starting: portmapper is not running ... (warning).

Since rpcbind version 0.2.3-0.2, it is using systemd socket activation. 
I'm a bit surprised that the daemon is not activated during boot.

Bug#806672: dh-make: Creates watch.ex when --native tag is used

[Riley Baird]

Package: dh-make
Version: 1.20150601
Severity: minor

Hi,

For a native package, it does not make sense to have a watch file. For this
reason, when the --native tag is used, watch.ex should not be created.

Yours thankfully,

Riley Baird



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dh-make depends on:
ii  debhelper  9.20151117
ii  dpkg-dev   1.18.3
ii  make   4.0-8.2
ii  perl   5.20.2-6

dh-make recommends no packages.

Versions of packages dh-make suggests:
ii  build-essential  12.1

-- no debconf information

Bug#806670: Debian Packages with Qt5

[chrysn]

On Sun, Nov 29, 2015 at 10:23:38PM +0100, chrysn wrote:
> i'll let you know which results the hopefully more non-debug builds got
> me when they are through.

my most recent development builds, whose qmake invocation goes like

> qmake -makefile -nocache "QMAKE_CFLAGS_RELEASE=-g -O2 -fPIE
>-fstack-protector-strong -Wformat -Werror=format-security
>-D_FORTIFY_SOURCE=2" "QMAKE_CFLAGS_DEBUG=-g -O2 -fPIE
>-fstack-protector-strong -Wformat -Werror=format-security
>-D_FORTIFY_SOURCE=2" "QMAKE_CXXFLAGS_RELEASE=-g -O2 -fPIE
>-fstack-protector-strong -Wformat -Werror=format-security
>-D_FORTIFY_SOURCE=2" "QMAKE_CXXFLAGS_DEBUG=-g -O2 -fPIE
>-fstack-protector-strong -Wformat -Werror=format-security
>-D_FORTIFY_SOURCE=2" "QMAKE_LFLAGS_RELEASE=-fPIE -pie -Wl,-z,relro
>-Wl,-z,now" "QMAKE_LFLAGS_DEBUG=-fPIE -pie -Wl,-z,relro -Wl,-z,now"
>QMAKE_STRIP=: PREFIX=/usr VERSION=2015.03-2 CONFIG-=debug
>QMAKE_STRIP=echo

(which, by the way, indicates that my qmake_strip workaround is also
included in debian's recent build system), but they do not show a
noticeable reduction in dragging.

neither did invoking openscad as

$ glXSwapIntervalMESA=0 openscad

(was that the way it should work better?)

is there a way to test for the presence of the forced buffer swaps that
is less subjective than watching out for dragging?

best regards
chrysn

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom


signature.asc
Description: PGP signature

Bug#806632: libsis-base-java: FTBFS when built with dpkg-buildpackage -A (override_dh_auto_test fails)

[tony mancill]

On 11/29/2015 10:04 AM, Andreas Tille wrote:
> Hi,
> 
> it seems this is a general FTBFS error since it also fails for normal
> builds.  Any hint how to fix this would be welcome.
> 
> Kind regards
> 
>Andreas.


Hi Andreas,

I am able to build in a clean cowbuilder chroot, but I think the root
cause for the error you're seeing lies with how the Unix class in
libsis-base-java performs process detection.  It will:

(a) check for the existence of /proc/$pid/

and if that fails:

(b) invoke "ps -p $pid" and check the return code

If the build environment doesn't provide /proc and doesn't have procps
installed (which is only priority "important" and so isn't guaranteed to
be there), then that could explain the failure you're seeing.  If that
fits what you're seeing, you could try adding a build-dep on procps.

Cheers,
tony



signature.asc
Description: OpenPGP digital signature

Bug#806592: vdr: Fails to start without video directory

[Tobias Grimm]

Hello Paul!

What would be a better location for the recording directory?
/var/lib/video was especially chosen more than a decade ago to be FHS
conform (/video was used before). Maybe /var/lib/vdr/(video|recordings)
would be better?

On new installations root will be asked to create /var/lib/video. If the
admin doesn't do so, it is expected that he is creating/configuring a
video directory manually. I'm not sure if it would be wise to always
create /var/lib/video. As you noted, it could quickly run full. The common
use case is to have a special drive / LVM / NFS share or whatever for
recordings. This will always require the admin to manually mount/link
/var/lib/video or configure a different recording directory in 00-vdr.conf.

The upgrade situation is kinda difficult. The config files have completely
changed, multiple video directories (video.00/01...) are not supported
anymore by upstream and getting everything to work with systemd AND
SysVinit doesn't make things easier. At least for upgrades the admin is
expected to update some config options manually, which is noted in the NEWS.

I'm open to every suggestion to improve things as long as it doesn't
involve setting any config options from the maintainer scripts.

BR,

Tobias

On 29.11.2015 13:45, Paul Menzel wrote:

> Package: vdr
> Version: 2.2.0-5
> Severity: important
> 
> Dear Debian folks,
> 
> 
> `/var/lib/video` does not exist on my system and therefore VDR fails to
> start.
> 
> ```
> $ systemctl status vdr
> ● vdr.service - Video Disk Recorder
>Loaded: loaded (/lib/systemd/system/vdr.service; enabled; vendor preset: 
> enabled)
>Active: failed (Result: exit-code) since Sa 2015-11-28 07:59:50 CET; 22min 
> ago
>   Process: 1343 ExecStart=/usr/bin/vdr (code=exited, status=2)
>   Process: 1305 ExecStartPre=/bin/sh /usr/lib/vdr/merge-commands.sh reccmds 
> (code=exited, status=0/SUCCESS)
>   Process: 975 ExecStartPre=/bin/sh /usr/lib/vdr/merge-commands.sh commands 
> (code=exited, status=0/SUCCESS)
>  Main PID: 1343 (code=exited, status=2)
> 
> Nov 28 07:58:05 myhostname systemd[1]: Starting Video Disk Recorder...
> Nov 28 07:59:46 myhostname vdr[1343]: [1343] ERROR (tools.c,441): 
> /var/lib/video: Datei oder Verzeichnis nicht gefunden
> Nov 28 07:59:50 myhostname systemd[1]: vdr.service: Main process exited, 
> code=exited, status=2/INVALIDARGUMENT
> Nov 28 07:59:50 myhostname systemd[1]: Failed to start Video Disk Recorder.
> Nov 28 07:59:50 myhostname systemd[1]: vdr.service: Unit entered failed state.
> Nov 28 07:59:50 myhostname systemd[1]: vdr.service: Failed with result 
> 'exit-code'.
> Nov 28 07:59:50 myhostname vdr[1343]: vdr: can't access video directory 
> /var/lib/video
> ```
> 
> Should the start script at least create that directory, so that VDR
> continues running. I understand that one could argue, that this is not
> desired, as the partition, `/var/lib/video` exists on, could run full.
> 
> 
> Thanks,
> 
> Paul
> 
> 
> PS: I’ll contact the mailing list, why `/var/lib` is used to store
> videos. That fundamentally violates the FHS [1] in my opinion.
> 
> 
> [1] https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: i386 (i686)
> 
> Kernel: Linux 3.19.0-trunk-686-pae (SMP w/2 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages vdr depends on:
> ii  adduser3.113+nmu3
> ii  debconf [debconf-2.0]  1.5.58
> ii  init-system-helpers1.24
> ii  libc6  2.19-22
> ii  libcap21:2.24-12
> ii  libfontconfig1 2.11.0-6.3
> ii  libfreetype6   2.6.1-0.1
> ii  libgcc11:5.2.1-25
> ii  libjpeg62-turbo1:1.4.1-2
> ii  libstdc++6 5.2.1-25
> ii  libsystemd0228-2
> 
> Versions of packages vdr recommends:
> ii  fonts-freefont-ttf  20120503-4
> ii  lirc0.9.0~pre1-1.2
> ii  ttf-bitstream-vera  1.10-8
> 
> Versions of packages vdr suggests:
> pn  vdr-plugin-dvbsddevice  
> 
> -- debconf information:
> * vdr/select_dvb_card: Terrestrial
>   vdr/create_video_dir: false
> 
> 
> 
> ___
> pkg-vdr-dvb-devel mailing list
> pkg-vdr-dvb-de...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-vdr-dvb-devel
> 




signature.asc
Description: OpenPGP digital signature

Bug#806612: [Debichem-devel] Bug#806612: cp2k: FTBFS when built with dpkg-buildpackage -A (different version of GNU Fortran)

[Michael Banck]

Hi Santiago,

On Sun, Nov 29, 2015 at 04:22:14PM +, Santiago Vila wrote:
> Package: src:cp2k
> Version: 2.6.1-2
> User: sanv...@debian.org
> Usertags: binary-indep
> Severity: important
> 
> Dear maintainer:
> 
> I tried to build this package with "dpkg-buildpackage -A"
> (i.e. only architecture-independent packages), and it failed:

which architecture was this on?


Michael

Bug#806645: ntp.key manpage refers to non-existent documentation

[Christoph Anton Mitterer]

Package: ntp
Version: 1:4.2.8p4+dfsg-3+b1
Severity: normal


Hi.

The ntp.key manpage refers to:
> the  "Authentication  Support" section of the ntp.conf(5) page
However there is no such section there.

Chris.

Bug#806542: liblinux-prctl-perl: autopkgtest failures: seccomp, capbset

[Salvatore Bonaccorso]

Hi Niko, hi Antonio

On Sat, Nov 28, 2015 at 09:03:30PM +0200, Niko Tyni wrote:
> On Sat, Nov 28, 2015 at 07:22:01PM +0100, Salvatore Bonaccorso wrote:
> 
> > > Package: liblinux-prctl-perl
> > > Version: 1.6.0-2 
> 
> > > This package recently started failing its autopkgtest checks on 
> > > ci.debian.net:
> 
> > Thanks for reporting this. I can reproduce the test failures if I
> > build in a LXC container (running sid) on a sid host.
> > 
> > As datapoint: Looks ci.d.n switched from schroot based test to LXC
> > based for at least liblinux-prctl-perl.
> 
> Yeah, that makes sense. I expect the failures are just caused
> by different defaults and/or restrictions inside lxc containers.

So indeed this seems the reason. First for the t/capbset.t failures.
The LXC configuration for the debian template contain:

 12 # Default capabilities
 13 lxc.cap.drop = sys_module mac_admin mac_override sys_time

and in same way for t/seccomp.t, this is caused by:

 63 # Blacklist some syscalls which are not safe in privileged
 64 # containers
 65 lxc.seccomp = /usr/share/lxc/config/common.seccomp

where in common.seccomp:

  1 2   
  
  2 blacklist
  3 reject_force_umount  # comment this to allow umount -f;  not recommended
  4 [all]
  5 kexec_load errno 1
  6 open_by_handle_at errno 1
  7 init_module errno 1
  8 finit_module errno 1
  9 delete_module errno 1

In this configuration, get_seccomp will return 2, 

# perl -E 'use Linux::Prctl qw(:constants :functions); say get_seccomp();'
2

   PR_GET_SECCOMP (since Linux 2.6.23)
  Return (as the function result) the secure computing mode of the
  calling thread.  If the caller is not in secure computing  mode,
  this operation returns 0; if the caller is in strict secure com-
  puting mode, then the prctl() call will cause a  SIGKILL  signal
  to be sent to the process.  If the caller is in filter mode, and
  this system call is allowed by the seccomp filters,  it  returns
  2.  This operation is available only if the kernel is configured
  with CONFIG_SECCOMP enabled.

Regards,
Salvatore

Bug#806670: rotation is dragging

[chrysn]

Package: openscad
Version: 2015.03-1+dfsg-3
Severity: important

(forwarding info from tpaul into bts)

> Are the packages in testing built with CONFIG-=debug ?
> 
> For some yet unknown reason it seems the Qt debug version forces OpenGL
> to vsync buffer swaps which makes the display quite unusable even with
> simple models (e.g. even the "CSG" example model with the 3 cubes).
> 
> I can reproduce that it works ok with CONFIG-=debug, but rotating
> is really dragging without that qmake option.
> 
> I'm not 100% sure it's really vsync, as it did not even help when
> manually forcing it to 0 using glXSwapIntervalMESA or glXSwapIntervalSGI,
> but right now the packages in testing seem to be unusable for some
> people 
> (http://forum.openscad.org/OpenScad-2014-03-Segmentation-Fault-td14800.html).


signature.asc
Description: PGP signature

Bug#805167: rpcbind: Regression: must restart rpc bind to run ypbind (nis)

[Laurent Bigonville]

On Sun, 15 Nov 2015 13:56:50 +0100 Elimar Riesebieter 
 wrote:


Hi,

> Can't run nis:
> # ypbind -no-dbus -broadcast -debug
> 1679: add_server() domain: mynisdomain, broadcast
> 1679: [Welcome to ypbind-mt, version 1.20.1]
> 1679: ping interval is 20 seconds
> Cannot register service: RPC: Unable to receive; errno = Connection 
refused

> 1679: Unable to register (YPBINDPROG, YPBINDVERS, udp).
>
> Restarting rpc bind gets me back to restart nis successfull.
>
> # service rpcbind restart
> # service nis restart
>
> Reverting to rpcbind 0.2.1-6.1 solves the problem. Please notice
> that this happens only on systemd machines. Running sysvinit doesn't
> show this behaviour.

The fact that rpcbind is not automatically started at boot is expected 
since it's now socket activated under systemd.


It seems that ypbind is using an udp socket instead of the unix socket 
to connect to it


I'm adding nis/ypbind maintainer  in the loop.

Cheers,

Laurent Bigonville

Bug#806674: wkhtmltopdf ignores /etc/papersize

[Dennis Boone]

Package: wkhtmltopdf
Version: 0.12.2.4-1
Severity: normal

wkhtmltopdf ignores /etc/papersize, and defaults to A4.  It should
respect the system default paper size.

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=es_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wkhtmltopdf depends on:
ii  libc6   2.19-11  GNU C Library: Shared
libraries
ii  libgcc1 1:4.9.2-10   GCC support library
ii  libgl1-mesa-glx [libgl1]10.3.2-1 free implementation of the
OpenGL 
ii  libqt5core5a5.5.1+dfsg-8 Qt 5 core module
ii  libqt5gui5  5.5.1+dfsg-8 Qt 5 GUI module
ii  libqt5network5  5.5.1+dfsg-8 Qt 5 network module
ii  libqt5printsupport5 5.5.1+dfsg-8 Qt 5 print support module
ii  libqt5svg5  5.5.1-2  Qt 5 SVG module
ii  libqt5webkit5   5.5.1+dfsg-2 Web content engine library
for Qt
ii  libqt5widgets5  5.5.1+dfsg-8 Qt 5 widgets module
ii  libqt5xmlpatterns5  5.5.1-2  Qt 5 XML patterns module
ii  libstdc++6  5.2.1-25 GNU Standard C++ Library v3

Versions of packages wkhtmltopdf recommends:
ii  xserver-xephyr [xserver]  2:1.14.5-1 nested X server

wkhtmltopdf suggests no packages.

-- no debconf information

Bug#806675: hmmer: nhmmer fails with fatal exception on armhf

[Sascha Steinbiss]

Source: hmmer
Severity: normal

Dear Maintainer,

while reviewing the reproducible builds output for the barrnap package,
which depends on nhmmer, I noticed that a nhmmer problem seems to break
barrnap's post-build test run [1]. 
I'm suspecting this is platform related as it has never occured before
until the reproducibility builds started including ARM as a target platform [2].

I checked the unit test output for the hmmer armhf build [3] and some of the
tests at the end seem to crash or fail as well. This is also the case for the
other ARM platforms, powerpc and mips, but not for i386.

Cheers
Sascha

[1] https://reproducible.debian.net/rb-pkg/unstable/armhf/barrnap.html
[2] https://reproducible.debian.net/history/barrnap.html
[3] 
https://buildd.debian.org/status/fetch.php?pkg=hmmer=armhf=3.1b2-1=1436134926

Bug#806372: soundconverter: add files window does not filter results

[Sebastian Ramacher]

Control: tags -1 + upstream
Control: forwarded -1 https://github.com/kassoulet/soundconverter/pull/12

On 2015-11-26 19:06:36, Rock Storm wrote:
> Package: soundconverter
> Version: 3.0.0~alpha1+git20151119-1
> Severity: normal
> 
> Dear Maintainer,
> 
> In the "Add Files" window, whenever trying to filter results by file type, say
> ".m4a" or ".ogg", no matter what filetype I choose it does not apply the 
> filter
> plus I get the following lines in the terminal:
> 
> Traceback (most recent call last):
>   File "/usr/share/soundconverter/python/soundconverter/ui.py", line 1116, in 
> on_combo_changed
> filefilter.add_custom(Gtk.FILE_FILTER_DISPLAY_NAME, self.filter_cb,
>   File "/usr/lib/python3/dist-packages/gi/overrides/__init__.py", line 39, in 
> __getattr__
> return getattr(self._introspection_module, name)
>   File "/usr/lib/python3/dist-packages/gi/module.py", line 137, in __getattr__
> self.__name__, name))
> AttributeError: 'gi.repository.Gtk' object has no attribute 
> 'FILE_FILTER_DISPLAY_NAME'

I have sent a patch upstream and will include it in the next upload.

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#802508: Not compatible with gnome-shell 3.18

[hpfn]

Hi,

On Sun, 15 Nov 2015 14:40:11 +0100 zulu  wrote:
> gnome-shell-mailnag-0.16.0 has been released upstream a few days ago.
> It's compatible with gnome-shell 3.16 and 3.18.
> 

I saw this bug today. The package will be 
removed tomorrow. So I did a NMU.

I'm not the maintainer, not even a DD. I'm
a DM. So I put the package at mentors. Feel 
free to do what is better.

I edited debian/changelog and debian/control files
only.

http://mentors.debian.net/package/gnome-shell-mailnag
http://mentors.debian.net/debian/pool/main/g/gnome-shell-mailnag/gnome-shell-mailnag_3.16.0-1.1.dsc

regards,
-- 
Herbert Parentes Fortes Neto (hpfn)

Bug#806639: Please allow to run internal test suite during build

[Guido Günther]

Source: nss
Version: 2:3.21-1
Severity: wishlist
Tags: patch

Hi,
attached patch enables running parts of the internal test suite. I hope
to run all.sh at one point but for now this covers quit some ground and
helps to detect errors when backporting.
It be great to have this applied.

In case you prefer to cherry-pick I have a temporary repo at:

https://github.com/agx/nss-debian

Cheers,
 -- Guido
>From 87bf710006832565cfd173ccb8e9bc7a2b678994 Mon Sep 17 00:00:00 2001
Message-Id: <87bf710006832565cfd173ccb8e9bc7a2b678994.1448817454.git@sigxcpu.org>
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Sat, 28 Nov 2015 17:52:32 +0100
Subject: [PATCH] Run standard cycle of nss's testsuite

---
 debian/rules | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/debian/rules b/debian/rules
index c7b3488..4964b49 100755
--- a/debian/rules
+++ b/debian/rules
@@ -187,6 +187,20 @@ override_dh_gencontrol:
 	dh_gencontrol -- -Vmisc:Multi-Arch=same
 endif
 
+override_dh_auto_test:
+	# Create .chk files for FIPS mode tests
+	$(foreach lib,libsoftokn3.so libfreebl3.so libnssdbm3.so, \
+	  $(call cmd,cd $(DISTDIR)/lib; LD_LIBRARY_PATH=$(DISTDIR)/lib $(DISTDIR)/bin/shlibsign -v -i $(lib)))
+	# Run tests
+	export DIST=$(CURDIR) &&\
+	export OBJDIR=dist&&\
+	export IP_ADDRESS=127.0.0.1   &&\
+	export USE_IP=TRUE&&\
+	export NSS_CYCLES=standard&&\
+	cd $(CURDIR)/nss/tests&& ./all.sh
+	# Cleanup
+	rm -f dist/lib/*.chk
+
 override_dh_builddeb:
 	dh_builddeb -- -Zxz
 
-- 
2.6.2

Bug#806637: mitmproxy --verify-upstream-cert: doesn't check if hostname matches certificate's CN/SAN (CWE-297)

[Jakub Wilk]

Package: mitmproxy
Version: 0.13-1
Tags: security

With the --verify-upstream-cert option enabled, mitmproxy is supposed to 
verify upstream servers certificate. However, it doesn't seem to verify 
that the server hostname matches a domain name in the

subject's Common Name or subjectAltName field of the certificate.

For example, https://planet.debian.org/ certificate is invalid for this 
host. But if you try to connect to it through mitmproxy, you get a valid 
certificate with "planet.debian.org" in subjectAltName.



-- System Information:
Debian Release: stretch/sid
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages mitmproxy depends on:
ii  python 2.7.9-1
ii  python-blinker 1.3.dfsg2-1
ii  python-configargparse  0.10.0-1
ii  python-html2text   2015.6.21-1
ii  python-lxml3.4.4-1+b1
ii  python-netlib  0.13.1-1
ii  python-pil 2.9.0-1+b1
ii  python-pyasn1  0.1.9-1
ii  python-pyparsing   2.0.3+dfsg1-1
ii  python-tornado 4.2.1-1+b1
ii  python-urwid   1.3.1-2
pn  python:any 

--
Jakub Wilk

Bug#806638: gnupg: Transfer of subkey to Yubikey 4 smart card fails (assertion error)

[David North]

Package: gnupg
Version: 1.4.18-7
Severity: normal

I've recently obtained a Yubikey 4 and am trying to use it as a smart card with
gnupg. I see that gpg 1.x only supports card keys of up to 3072 bits - although
this device supports up to 4096 - so I have generated some sub-keys of that
length to keep on the card.

Unfortunately the transfer to the card fails:

gpg --edit-key da...@dnorth.net

...

keytocard

...

gpg: writing new key
gpg: ../../g10/app-openpgp.c:2271: build_privkey_template: Assertion `rsa_e_len 
<= rsa_e_reqlen' failed.
Aborted

I've tried shortening the subkey length to 2048 bits, but I get exactly the same
error. This happens regardless of which slot I attempt to use on the card.

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to 
en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnupg depends on:
ii  gpgv  1.4.18-7
ii  libbz2-1.01.0.6-7+b3
ii  libc6 2.19-18+deb8u1
ii  libreadline6  6.3-8+b3
ii  libusb-0.1-4  2:0.1.12-25
ii  zlib1g1:1.2.8.dfsg-2+b1

Versions of packages gnupg recommends:
pn  gnupg-curl 
ii  libldap-2.4-2  2.4.40+dfsg-1+deb8u1

Versions of packages gnupg suggests:
ii  eog   3.14.1-1
pn  gnupg-doc 
ii  imagemagick   8:6.8.9.9-5
ii  libpcsclite1  1.8.13-1
pn  parcimonie

-- no debconf information

Bug#759044: forward to upstream.

[Olly Betts]

On Tue, Sep 15, 2015 at 11:29:00PM +0200, Moritz Mühlenhoff wrote:
> On Tue, Sep 23, 2014 at 10:26:56PM +0800, Ying-Chun Liu (PaulLiu) wrote:
> > forwarded 759044 https://github.com/Tribler/tribler/issues/875
> > thanks
> 
> So apparently upstream doesn't have the time to work on this.
> 
> A year later, shall we go ahead with the removal of tribler? It's
> one of the last two packages blocking the removal of WX 2.8.

So tribler is now the only package blocking the removal of wxwidgets2.8
(amule just got updated).

Cheers,
Olly

Bug#773792: plymouth: Plymouth disables hardware graphics acceleration

[Laurent Bigonville]

tags -1 moreinfo
thanks

On Tue, 23 Dec 2014 11:07:41 + Sam Morris  wrote:

Hi,

> When I boot with the 'splash' kernel parameter, I get stuck with
> llvmpipe. I am attaching Xorg.log files from two boots, one with
> 'splash' and the other without. They differ at:
>
> (WW) intel(0): cannot enable DRI2 whilst forcing software fallbacks
>
> when using Plymouth, and
>
> (II) intel(0): [DRI2] Setup complete
> (II) intel(0): [DRI2] DRI driver: i965
>
> without. My hardware:
>
> 00:02.0 VGA compatible controller: Intel Corporation Mobile 
GM965/GL960 Integrated Graphics Controller (primary) (rev 03)
> 00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 
Integrated Graphics Controller (secondary) (rev 03)


Are you still able to reproduce this with the recent versions of plymouth?

Cheers,

Laurent Bigonville

Bug#759044: forward to upstream.

[Moritz Mühlenhoff]

On Mon, Nov 30, 2015 at 08:22:49AM +1300, Olly Betts wrote:
> On Tue, Sep 15, 2015 at 11:29:00PM +0200, Moritz Mühlenhoff wrote:
> > On Tue, Sep 23, 2014 at 10:26:56PM +0800, Ying-Chun Liu (PaulLiu) wrote:
> > > forwarded 759044 https://github.com/Tribler/tribler/issues/875
> > > thanks
> > 
> > So apparently upstream doesn't have the time to work on this.
> > 
> > A year later, shall we go ahead with the removal of tribler? It's
> > one of the last two packages blocking the removal of WX 2.8.
> 
> So tribler is now the only package blocking the removal of wxwidgets2.8
> (amule just got updated).

Given that this
- has been removed from testing for over a year now
- also blocks the removal of gstreamer 0.10
- upstream stated they don't have currently the manpower to port this
- popcon is marginal
I just went ahead and filed a removal bug.

tribler can re-enter the archive as soon as it has been ported.

Cheers,
Moritz

Bug#806652: RM: tribler -- RoQA; depends on obsolete wx2.8/gstreamer 0.10

[Moritz Muehlenhoff]

Package: ftp.debian.org
Severity: normal

Hi,
please remove tribler from the archive. It's the last package in the
archive blocking the removal of wxwidgets2.8 (and transitively also
blocking the removal of gstreamer 0.10). Popcon is marginal and
upstream has stated in https://github.com/Tribler/tribler/issues/875
that they don't have the manpower to port this to wxwidget3.0.
Plus, tribler can easily re-enter the archive as soon as it has been ported.

Cheers,
Moritz

Bug#806662: urweb: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:urweb
Version: 20151122+dfsg-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --parallel --with autoreconf
   dh_testdir -i -O--parallel
   dh_autoreconf -i -O--parallel
libtoolize: putting auxiliary files in `.'.
libtoolize: copying file `./ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
libtoolize: copying file `m4/libtool.m4'
libtoolize: copying file `m4/ltoptions.m4'
libtoolize: copying file `m4/ltsugar.m4'
libtoolize: copying file `m4/ltversion.m4'
libtoolize: copying file `m4/lt~obsolete.m4'

[... snipped ...]

Overfull \hbox (9.77115pt too wide) detected at line 2364
[]
[51] [52] [53]
Overfull \hbox (23.76846pt too wide) in paragraph at lines 2453--2454
[]\T1/aer/m/n/10 The C FFI ver-sion of a Ur func-tion with type \T1/aett/m/n/10
 T1 -> ... -> TN -> R \T1/aer/m/n/10 or \T1/aett/m/n/10 T1 -> ... -> TN -> tran
saction
[54] [55] [56] [57] [58] [59] [60] [61] (./manual.aux) )
(see the transcript file for additional information)<
/usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/cm/cmr7.pfb>
Output written on manual.pdf (61 pages, 437237 bytes).
Transcript written on manual.log.
make[2]: Leaving directory '/<>/urweb-20151122+dfsg/doc'
make[1]: Leaving directory '/<>/urweb-20151122+dfsg'
   dh_auto_test -i -O--parallel
make -j1 test
make[1]: Entering directory '/<>/urweb-20151122+dfsg'
bin/urweb -boot -noEmacs -dbms sqlite -db /tmp/urweb.db -demo /Demo demo
/bin/bash: bin/urweb: No such file or directory
Makefile:933: recipe for target 'test' failed
make[1]: *** [test] Error 127
make[1]: Leaving directory '/<>/urweb-20151122+dfsg'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:17: recipe for target 'build-indep' failed
make: *** [build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806664: yaws: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:yaws
Version: 2.0.2-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --with autotools_dev
   dh_testdir -i
   dh_autotools-dev_updateconfig -i
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>'
dh_testdir
#
CFLAGS="-Wall -g -O2" \
./configure --host=x86_64-linux-gnu \
--build=x86_64-linux-gnu \
--prefix=/usr \

[... snipped ...]

make[3]: Entering directory '/<>/applications/wiki/src'
make[4]: Entering directory '/<>/applications/wiki/src'
make[4]: Nothing to be done for 'install-exec-am'.
make[4]: Nothing to be done for 'install-data-am'.
make[4]: Leaving directory '/<>/applications/wiki/src'
make[3]: Leaving directory '/<>/applications/wiki/src'
Making install in ebin
make[3]: Entering directory '/<>/applications/wiki/ebin'
make[4]: Entering directory '/<>/applications/wiki/ebin'
make[4]: Nothing to be done for 'install-exec-am'.
 /bin/mkdir -p '/<>/debian/tmp/var/yaws/wiki/ebin/'
 /usr/bin/install -c -m 644 utils.beam wiki.beam wiki_diff.beam 
wiki_format_txt.beam wiki_plugin_backlinks.beam wiki_plugin_dummy.beam 
wiki_plugin_menu.beam wiki_split.beam wiki_templates.beam wiki_to_html.beam 
wiki_utils.beam wiki_yaws.beam '/<>/debian/tmp/var/yaws/wiki/ebin/'
make[4]: Leaving directory '/<>/applications/wiki/ebin'
make[3]: Leaving directory '/<>/applications/wiki/ebin'
make[3]: Entering directory '/<>/applications/wiki'
make[4]: Entering directory '/<>/applications/wiki'
make[4]: Nothing to be done for 'install-exec-am'.
make[4]: Leaving directory '/<>/applications/wiki'
make[3]: Leaving directory '/<>/applications/wiki'
make[2]: Leaving directory '/<>/applications/wiki'
#
# Fix permissions of application files
find /<>/debian/tmp/var/yaws -type f -exec chmod a-x \{\} \;
#
# Generate postinst and postrm scripts for applications
for app in chat mail wiki yapp ; do \
sed -e "s/@APPLICATION@/$app/g" \
debian/yaws-application.postinst.in >debian/yaws-$app.postinst || exit 
1; \
sed -e "s/@APPLICATION@/$app/g" \
debian/yaws-application.postrm.in >debian/yaws-$app.postrm || exit 1 ; \
done
#
dh_install -i
cp: cannot stat 'debian/tmp/debian/tmp/usr/bin': No such file or directory
dh_install: cp --reflink=auto -a debian/tmp/debian/tmp/usr/bin 
debian/yaws//usr// returned exit code 1
debian/rules:122: recipe for target 'override_dh_auto_install-indep' failed
make[1]: *** [override_dh_auto_install-indep] Error 2
make[1]: Leaving directory '/<>'
debian/rules:35: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806657: love: FTBFS when built with dpkg-buildpackage -A (dh_install: love-doc missing files)

[Santiago Vila]

Package: src:love
Version: 0.9.1-3
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh_testdir
libtoolize
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `platform/unix/m4'.
libtoolize: linking file `platform/unix/m4/libtool.m4'
libtoolize: linking file `platform/unix/m4/ltoptions.m4'
libtoolize: linking file `platform/unix/m4/ltsugar.m4'
libtoolize: linking file `platform/unix/m4/ltversion.m4'
libtoolize: linking file `platform/unix/m4/lt~obsolete.m4'
dh_autoreconf
libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `platform/unix'.
libtoolize: copying file `platform/unix/ltmain.sh'

[... snipped ...]

checking for devil... yes
checking for libmodplug... yes
checking for vorbisfile... yes
checking for library containing sqrt... none required
checking for library containing PHYSFS_init... -lphysfs
checking for library containing glLoadIdentity... -lGL
checking for library containing lua_pcall... -lluajit-5.1 
checking for library containing mpg123_open_feed... -lmpg123
checking for library containing mpg123_seek_64... none required
checking for socklen_t... yes
checking for luajit5.1... no
checking for luajit... no
checking for lua... lua
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating config.h
config.status: executing depfiles commands
config.status: executing libtool commands
cd src/scripts/ && lua auto.lua boot graphics
boot: Success
graphics: Success
touch configure-stamp
dh_testdir
touch build-indep-stamp
 fakeroot debian/rules binary-indep
dh_testdir
dh_testroot
dh_prep -i
dh_installdirs -i
dh_testdir
dh_testroot
dh_installchangelogs -i
dh_installdocs -i
dh_installexamples -i
dh_install -i
dh_install: love-doc missing files (demos/*.love), aborting
debian/rules:87: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806656: lilo: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:lilo
Version: 1:24.2-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep
   dh_testdir -i
   dh_auto_configure -i
   debian/rules override_dh_auto_build
make[1]: Entering directory '/<>'
dh_auto_build
make -j1
make[2]: Entering directory '/<>'
./checkit
GCC version 3.3.5 or later is required
gcc version 5.2.1

[... snipped ...]

make[2]: Leaving directory '/<>/hooks'
make -C sample install
make[2]: Entering directory '/<>/sample'
mkdir -p $DESTDIR/etc
install -m 0644 lilo.example.conf $DESTDIR/etc/lilo.conf_example
make[2]: Leaving directory '/<>/sample'
make -C scripts install
make[2]: Entering directory '/<>/scripts'
mkdir -p $DESTDIR/usr/sbin
install -m 0755  liloconfig  $DESTDIR/usr/sbin
install -m 0755  lilo-uuid-diskid  $DESTDIR/usr/sbin
make[2]: Leaving directory '/<>/scripts'
make -C man install
make[2]: Entering directory '/<>/man'
mkdir -p $DESTDIR/usr/share/man/man5
for MF in lilo.conf; do \
  install -m 0644  $MF.5  $DESTDIR/usr/share/man/man5; \
done
mkdir -p $DESTDIR/usr/share/man/man8
for MF in keytab-lilo lilo-uuid-diskid lilo liloconfig mkrescue; do \
  install -m 0644  $MF.8  $DESTDIR/usr/share/man/man8; \
done
make[2]: Leaving directory '/<>/man'
make -C dos install
make[2]: Entering directory '/<>/dos'
if [ -d $DESTDIR/dosC/boot -a -f lilo.com ]; then \
  cp lilo.com $DESTDIR/dosC/boot; fi
make[2]: Leaving directory '/<>/dos'
make[1]: Leaving directory '/<>'
   debian/rules override_dh_install
make[1]: Entering directory '/<>'
dh_install
Set execute flag to chattr-lilo hook scripts
chmod 0755 debian/lilo/usr/lib/lilo/hooks/kernel/*/chattr-lilo
chmod: cannot access 'debian/lilo/usr/lib/lilo/hooks/kernel/*/chattr-lilo': No 
such file or directory
debian/rules:20: recipe for target 'override_dh_install' failed
make[1]: *** [override_dh_install] Error 1
make[1]: Leaving directory '/<>'
debian/rules:10: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806659: sushi: FTBFS when built with dpkg-buildpackage -A (mv: target is not a directory)

[Santiago Vila]

Package: src:sushi
Version: 1.4.0+dfsg-1.1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --with python2
   dh_testdir -i
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>/sushi-1.4.0+dfsg'
cd maki && env WAFDIR=/<>/sushi-1.4.0+dfsg ./waf configure --prefix 
/usr
Setting top to   : /<>/sushi-1.4.0+dfsg/maki 
Setting out to   : 
/<>/sushi-1.4.0+dfsg/maki/build 
Checking for 'gcc' (c compiler)  : /usr/bin/gcc 
Checking for program msgfmt  : /usr/bin/msgfmt 
Checking for program perl: /usr/bin/perl 
Checking for 'intltool-merge': /usr/bin/intltool-merge 

[... snipped ...]

+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/ast/LC_MESSAGES/tekka.mo
 (from build/po/ast.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/bg/LC_MESSAGES/tekka.mo
 (from build/po/bg.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/cs/LC_MESSAGES/tekka.mo
 (from build/po/cs.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/da/LC_MESSAGES/tekka.mo
 (from build/po/da.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/de/LC_MESSAGES/tekka.mo
 (from build/po/de.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/en_GB/LC_MESSAGES/tekka.mo
 (from build/po/en_GB.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/es/LC_MESSAGES/tekka.mo
 (from build/po/es.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/fi/LC_MESSAGES/tekka.mo
 (from build/po/fi.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/fr/LC_MESSAGES/tekka.mo
 (from build/po/fr.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/gl/LC_MESSAGES/tekka.mo
 (from build/po/gl.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/he/LC_MESSAGES/tekka.mo
 (from build/po/he.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/id/LC_MESSAGES/tekka.mo
 (from build/po/id.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/it/LC_MESSAGES/tekka.mo
 (from build/po/it.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/lt/LC_MESSAGES/tekka.mo
 (from build/po/lt.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/nb/LC_MESSAGES/tekka.mo
 (from build/po/nb.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/nl/LC_MESSAGES/tekka.mo
 (from build/po/nl.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/oc/LC_MESSAGES/tekka.mo
 (from build/po/oc.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/pt_BR/LC_MESSAGES/tekka.mo
 (from build/po/pt_BR.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/pt/LC_MESSAGES/tekka.mo
 (from build/po/pt.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/ru/LC_MESSAGES/tekka.mo
 (from build/po/ru.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/sv/LC_MESSAGES/tekka.mo
 (from build/po/sv.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/tr/LC_MESSAGES/tekka.mo
 (from build/po/tr.mo)
+ install 
/<>/sushi-1.4.0+dfsg/debian/tekka/usr/share/locale/zh_CN/LC_MESSAGES/tekka.mo
 (from build/po/zh_CN.mo)
Waf: Leaving directory `/<>/sushi-1.4.0+dfsg/tekka/build'
'install' finished successfully (0.143s)
cd chirashi && env WAFDIR=/<>/sushi-1.4.0+dfsg ./waf install 
--destdir /<>/sushi-1.4.0+dfsg/debian/chirashi
Waf: Entering directory `/<>/sushi-1.4.0+dfsg/chirashi/build'
+ install 
/<>/sushi-1.4.0+dfsg/debian/chirashi/usr/share/chirashi/away.py (from 
away.py)
+ install 
/<>/sushi-1.4.0+dfsg/debian/chirashi/usr/share/chirashi/beep.py (from 
beep.py)
+ install 
/<>/sushi-1.4.0+dfsg/debian/chirashi/usr/share/chirashi/np.py (from 
np.py)
Waf: Leaving directory `/<>/sushi-1.4.0+dfsg/chirashi/build'
'install' finished successfully (0.008s)
# Move maki plugins files in maki-plugins package
mv debian/maki/usr/lib/maki/plugins/* debian/maki-plugins/usr/lib/maki/plugins/
mv: target 'debian/maki-plugins/usr/lib/maki/plugins/' is not a directory
debian/rules:30: recipe for target 'override_dh_auto_install' failed
make[1]: *** [override_dh_auto_install] Error 1
make[1]: Leaving directory '/<>/sushi-1.4.0+dfsg'
debian/rules:6: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the 

Bug#806663: xfe: FTBFS when built with dpkg-buildpackage -A (override_dh_install fails)

[Santiago Vila]

Package: src:xfe
Version: 1.40-4
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh build-indep --with autoreconf
   dh_testdir -i
   dh_autoreconf -i
autoreconf: configure.ac: AM_GNU_GETTEXT is used, but not AM_GNU_GETTEXT_VERSION
configure.ac:39: warning: The 'AM_PROG_MKDIR_P' macro is deprecated, and its 
use is discouraged.
configure.ac:39: You should use the Autoconf-provided 'AC_PROG_MKDIR_P' macro 
instead,
configure.ac:39: and use '$(MKDIR_P)' instead of '$(mkdir_p)'in your 
Makefile.am files.
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>'
dh_auto_configure -- --enable-sn --enable-release
./configure --build=x86_64-linux-gnu --prefix=/usr 
--includedir=\${prefix}/include --mandir=\${prefix}/share/man 
--infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var 
--disable-silent-rules --libdir=\${prefix}/lib/x86_64-linux-gnu 
--libexecdir=\${prefix}/lib/x86_64-linux-gnu --disable-maintainer-mode 
--disable-dependency-tracking --enable-sn --enable-release

[... snipped ...]

ln -s -f ../xfe-theme/zip_32x32.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zip_32x32.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoom100.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoom100.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomin.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomout.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomout.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
ln -s -f ../xfe-theme/zoomwin.png 
/<>/debian/tmp/usr/share/xfe/icons/windows-theme/zoomwin.png
make[4]: Leaving directory '/<>'
make[3]: Leaving directory '/<>'
make[2]: Leaving directory '/<>'
make[1]: Leaving directory '/<>'
   debian/rules override_dh_install
make[1]: Entering directory '/<>'
dh_install
rename binaries to prevent clash with other programs:
test -f /<>/debian/xfe/usr/bin/xfi && \
  mv /<>/debian/xfe/usr/bin/xfi 
/<>/debian/xfe/usr/bin/xfimage
debian/rules:20: recipe for target 'override_dh_install' failed
make[1]: *** [override_dh_install] Error 1
make[1]: Leaving directory '/<>'
debian/rules:12: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be 

Bug#806665: zabbix: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:zabbix
Version: 1:2.4.7+dfsg-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
DEB_BUILD_OPTIONS=parallel=1
I: zabbix_2.4.7+dfsg
## build zabbix-java-gateway.jar
## override_jh_build:
JAVA_HOME=/usr/lib/jvm/default-java \

CLASSPATH=/usr/share/java/json.jar:/usr/share/java/logback-core.jar:/usr/share/java/logback-classic.jar:/usr/share/java/slf4j-api.jar
 \
jh_build --no-javadoc --main=com.zabbix.gateway.JavaGateway 
debian/tmp-build-MYSQL/src/zabbix_java/zabbix-java-gateway.jar 
src/zabbix_java/src/com
find src/zabbix_java/src/com -name *.java -and -type f -print0 | xargs -s 
512000 -0 /usr/lib/jvm/default-java/bin/javac -g -cp 
/usr/share/java/json.jar:/usr/share/java/logback-core.jar:/usr/share/java/logback-classic.jar:/usr/share/java/slf4j-api.jar:debian/_jh_build.zabbix-java-gateway
 -d debian/_jh_build.zabbix-java-gateway -source 1.5 -target 1.5
warning: [options] bootstrap class path not set in conjunction with -source 1.5
1 warning
touch: cannot touch 
'debian/tmp-build-MYSQL/src/zabbix_java/zabbix-java-gateway.jar': No such file 
or directory
debian/rules:115: recipe for target 'build-indep' failed
make: *** [build-indep] Error 1
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806658: sofia-sip: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:sofia-sip
Version: 1.12.11+20110422.1-2
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh_testdir
/usr/bin/make -C objs doxygen
make[1]: *** objs: No such file or directory.  Stop.
debian/rules:49: recipe for target 'build-indep-stamp' failed
make: *** [build-indep-stamp] Error 2
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806660: taglib: FTBFS when built with dpkg-buildpackage -A (unable to chdir to builddir)

[Santiago Vila]

Package: src:taglib
Version: 1.9.1-2.4
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
# build-indep gets invoked in buildds as well...
if [ -x /usr/bin/doxygen ]; then \
dh_auto_build --buildsystem=makefile --builddirectory=builddir -- docs; \
fi
dh_auto_build: error: unable to chdir to builddir
debian/rules:29: recipe for target 'builddir/doc/html/index.html' failed
make: *** [builddir/doc/html/index.html] Error 2
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806661: tor: FTBFS when built with dpkg-buildpackage -A (No such file or directory)

[Santiago Vila]

Package: src:tor
Version: 0.2.7.5-1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh \
build-indep \
--with quilt \
--with autoreconf \
--with systemd \
--builddirectory=build \
--parallel
   dh_testdir -i -O--builddirectory=build -O--parallel
   dh_quilt_patch -i -O--builddirectory=build -O--parallel
Applying patch 20-upstream-syslog-identity
patching file changes/bug17194

[... snipped ...]

rm -f micro-revision.tmp; \
if test -d "../.git" && \
test -x "`which git 2>&1;true`"; then \
HASH="`cd ".." && git rev-parse --short=16 HEAD`"; \
echo \"$HASH\" > micro-revision.tmp; \
fi; \
if test ! -f micro-revision.tmp; then \
if test ! -f micro-revision.i; then \
echo '""' > micro-revision.i; \
fi; \
elif test ! -f micro-revision.i || \
test x"`cat micro-revision.tmp`" != x"`cat micro-revision.i`"; 
then \
mv micro-revision.tmp micro-revision.i; \
fi; \
rm -f micro-revision.tmp; \
true
 /bin/mkdir -p '/<>/debian/tmp/usr/bin'
  /usr/bin/install -c src/or/tor src/tools/tor-resolve src/tools/tor-gencert 
'/<>/debian/tmp/usr/bin'
 /bin/mkdir -p '/<>/debian/tmp/usr/bin'
 /usr/bin/install -c ../contrib/client-tools/torify 
'/<>/debian/tmp/usr/bin'
 /bin/mkdir -p '/<>/debian/tmp/etc/tor'
 /usr/bin/install -c -m 644 src/config/torrc.sample 
'/<>/debian/tmp/etc/tor'
 /bin/mkdir -p '/<>/debian/tmp/usr/share/doc/tor'
 /usr/bin/install -c -m 644 doc/tor.html doc/tor-gencert.html 
doc/tor-resolve.html doc/torify.html 
'/<>/debian/tmp/usr/share/doc/tor'
 /bin/mkdir -p '/<>/debian/tmp/usr/share/man/man1'
 /usr/bin/install -c -m 644 doc/tor.1 doc/tor-gencert.1 doc/tor-resolve.1 
doc/torify.1 '/<>/debian/tmp/usr/share/man/man1'
 /bin/mkdir -p '/<>/debian/tmp/usr/share/tor'
 /usr/bin/install -c -m 644 ../src/config/geoip ../src/config/geoip6 
'/<>/debian/tmp/usr/share/tor'
make[2]: Leaving directory '/<>/build'
make[1]: Leaving directory '/<>/build'
   debian/rules override_dh_install
make[1]: Entering directory '/<>'
dh_install --fail-missing
mv debian/tor/etc/tor/torrc.sample debian/tor/etc/tor/torrc
mv: cannot stat 'debian/tor/etc/tor/torrc.sample': No such file or directory
debian/rules:63: recipe for target 'override_dh_install' failed
make[1]: *** [override_dh_install] Error 1
make[1]: Leaving directory '/<>'
debian/rules:23: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep gave error exit 
status 2


Sorry not to have a fix, as I am reporting many bugs similar to
this one. The common hints are:

* If the only architecture-independent packages are dummy transitional
ones and they were released with jessie, the easy fix is to drop them
now.

* When using "dh", it is allowed to use (independently)
optional targets override_dh_foo-arch and override_dh_foo-indep
(for several values of "foo").


Once that both "dpkg-buildpackage -A" and "dpkg-buildpackage -B" work
properly, the package would be suitable to be uploaded in source-only
form if you wish.

Thanks.

Bug#806666: Should advene be removed?

[Moritz Muehlenhoff]

Package: advene
Severity: serious

Should advene be removed? It depends on gstreamer 0.10, which is
scheduled removal (plus, other legacy libs (python-rsvg and
python-goocanvas), this is unfixed upstream (last commit 15 months
ago) and popcon is marginal.

Please address the outstanding bugs or reassign this to
ftp.debian.org for removal.

Cheers,
Moritz

Bug#790739: don't warn about dev-pkg-without-shlib-symlink for GCC runtime libraries

[Jakub Wilk]

* Jakub Wilk , 2015-11-29, 12:31:

Something fishy is going on here.


So the fishy thing is that checks/shared-libs.pm has this:

my $MA_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/);

whereas checks/binaries.pm and checks/files.pm have this:

my $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/,
   sub { return { 'dir' => $_[1], 'match' => qr/\Q$_[1]\E/ } });

So, thanks data caching, $MA_DIRS could be initialized with a completely 
different structure than the shared-libs check expected.


This preprocessing (introduced in 37774bb101dd) doesn't seem useful to 
me, so I got rid of it. I'd appreciate if someone familiar with Lintian 
codebase reviewed the patch.


--
Jakub Wilk
diff --git a/checks/binaries.pm b/checks/binaries.pm
--- a/checks/binaries.pm
+++ b/checks/binaries.pm
@@ -86,8 +86,7 @@
   = Lintian::Data->new('binaries/embedded-libs', qr/\s*+\|\|/,
 \&_embedded_libs);
 
-our $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/,
-sub { return { 'dir' => $_[1], 'match' => qr/\Q$_[1]\E/ } });
+our $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/);
 
 sub _split_hash {
 my (undef, $val) = @_;
@@ -192,9 +191,8 @@
 # This avoids false positives with plugins like Apache modules,
 # which may have their own SONAMEs but which don't matter for the
 # purposes of this check.  Also filter out nsswitch modules
-if (defined($MULTIARCH_DIRS->value($arch))) {
-$madir = $MULTIARCH_DIRS->value($arch)->{'dir'};
-} else {
+$madir = $MULTIARCH_DIRS->value($arch);
+if (not defined($madir)) {
 # In the case that the architecture is "all" or unknown (or we do
 # not know the multi-arch path for a known architecture) , we assume
 # it the multi-arch path to be this (hopefully!) non-existent path to
@@ -202,8 +200,6 @@
 $madir = './!non-existent-path!/./';
 }
 
-$madir = './!non-existent-path!/./' unless defined $madir;
-
 $gnu_triplet_re = quotemeta $madir;
 $gnu_triplet_re =~ s,^i386,i[3-6]86,;
 $ruby_triplet_re = $gnu_triplet_re;
diff --git a/checks/files.pm b/checks/files.pm
--- a/checks/files.pm
+++ b/checks/files.pm
@@ -37,8 +37,7 @@
 my $LOCALE_CODES = Lintian::Data->new('files/locale-codes', qr/\s++/);
 my $INCORRECT_LOCALE_CODES
   = Lintian::Data->new('files/incorrect-locale-codes', qr/\s++/);
-my $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/,
-sub { return { 'dir' => $_[1], 'match' => qr/\Q$_[1]\E/ } });
+my $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/);
 
 my $PRIVACY_BREAKER_WEBSITES= Lintian::Data->new(
 'files/privacy-breaker-websites',
@@ -657,17 +656,15 @@
 # check if pkgconfig file include path point to
 # arch specific dir
   MULTI_ARCH_DIR:
-foreach my $multiarch_dir ($MULTIARCH_DIRS->all) {
-my $value =  $MULTIARCH_DIRS->value($multiarch_dir);
-my $pkgconfig_dir = $value->{'dir'};
-my $regex = $value->{'match'};
-if ($pkg_config_arch eq $pkgconfig_dir) {
+foreach my $arch ($MULTIARCH_DIRS->all) {
+my $madir = $MULTIARCH_DIRS->value($arch);
+if ($pkg_config_arch eq $madir) {
 next MULTI_ARCH_DIR;
 }
-if ($block =~ m{\W$regex(\W|$)}xms) {
+if ($block =~ m{\W\Q$madir\E(\W|$)}xms) {
 tag 'pkg-config-multi-arch-wrong-dir',$file,
   'full text contains architecture specific dir',
-  $pkgconfig_dir;
+  $madir;
 last MULTI_ARCH_DIR;
 }
 }

Bug#806499: elpa-magit: missing info files

[Rémi Vanicat]

Control: tag -1 pending

David Bremner  writes:

> Package: elpa-magit
> Version: 2.3.1-1
> Severity: normal
>
> magit.info-[12] are missing from the binary package. I got as far as
> observing that they are also missing from the elpa package magit-2.3.1
> generated by "make elpa VERSION=2.3.1".

Apparently, it is already fixed upstream[1]. A new upstream version
should be available soon, so I'm waiting a little bit before uploading
the fix.


[1]: 
https://github.com/magit/magit/commit/018c263067e56a754867e2e6bcc97ccf8a6dc517
-- 
Rémi Vanicat

Bug#806670: Debian Packages with Qt5

[chrysn]

hi,

On Sun, Nov 29, 2015 at 04:08:56PM +0100, Torsten Paul wrote:
> Are the packages in testing built with CONFIG-=debug ?

yes, they are built with debug. the reason is that i need a build with
debug symbols in it, as they are stripped later in the build process but
stored in a dedicated debug symbol package. i do remove the `DEBUG`
define from the project file to negate what i thought are all the other
side effects.

i'm now creating a test build that uses a different workaround
(`QMAKE_STRIP=echo`) to build an unstripped non-debug version; if you
know a more straight-forward way of disable qmake's symbols stripping
that takes places when debug is absent, please let me know.


> I can reproduce that it works ok with CONFIG-=debug, but rotating
> is really dragging without that qmake option.

i've observed that behavior, but as my main development machine was in
repair during the latest upload, and i attributed the dragging to my
replacement machine's poor graphics card support. (and then again on the
machine i'm using right now, pretty complex examples only show minimal
dragging).

> I'm not 100% sure it's really vsync, as it did not even help when
> manually forcing it to 0 using glXSwapIntervalMESA or glXSwapIntervalSGI,
> but right now the packages in testing seem to be unusable for some
> people 
> (http://forum.openscad.org/OpenScad-2014-03-Segmentation-Fault-td14800.html).

i'll let you know which results the hopefully more non-debug builds got
me when they are through.

thanks for bringing this to my attention
chrysn

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom


signature.asc
Description: PGP signature

Bug#806176: jessie-pu: package gnome-gmail/1.8.3-1

[Adam D. Barratt]

On Tue, 2015-11-24 at 20:52 -0500, Dave Steele wrote:
> Per 805926, gnome-gmail is broken on Jessie due to a lack of support
> for OAuth2, and a reliance on GNOME 2 for configuration data. I went
> through the exercise of crafting a minimal upgrade to address these
> two issues, and have come to the conclusion that it makes more sense
> to backport July's 1.9.3-1 release instead.

A package for this was uploaded, and I've just flagged it for rejection.

Aside from the lack of discussion, the package was incorrectly versioned
as 1.9.3-1+deb8u1, making it higher than the 1.9.3 package currently in
unstable (as would have become evident had a full diff been provided and
discussed).

Regards,

Adam

Bug#781938: RFS: vid.stab/0.98b-1

[Felipe Sateler]

On 29 November 2015 at 18:17, Vincent Pinon  wrote:
> Hello,
>
> One month  later, I still haven't forgotten that task, sorry for the delay ;)
> new upload here:
> http://mentors.debian.net/package/vid.stab
>
> Le mardi 27 octobre 2015, 00:16:57 Andreas Cadhalpun a écrit :
> [snip]
>>  * d/control:
>> - 'Priority: optional' not extra
>> - packages should be 'Multi-Arch: same'
>>  * d/copyright: misses copyright of 'Alexey Osipov'
> Done, thanks for guidance!
>
>> The tests could be run e.g. with:
>> cd tests; cmake .; make all; ./tests
>> However, the return code is wrong [2].
> I included your patch, but I'm not sure how to add & run test target in 
> debian/rules.

You can do:

override_dh_auto_test:
  #test commands here

> This might go into future improvements, with the runtime loading of SSE on 
> i386? (Felipe's suggestion)

I'd add -DSSE2_FOUND=false to the cmake invocation when run on i386.
This appears to be enough to disable the sse flags

>
> I don't know if this packaging activity is worth versioning on alioth, as 
> upstream doesn't seem to evolve any/much more?
> If yes anyway, am I allowed to initialize a git repo?

I think git history is always useful, although pre-first release
history not so much (so we can create the repo with the uploaded
package). Please apply to the pkg-multimedia project on alioth, and
read the wiki

https://alioth.debian.org/projects/pkg-multimedia
https://wiki.debian.org/DebianMultimedia/DevelopPackaging

-- 

Saludos,
Felipe Sateler

Bug#806677: prompts unncessarily for password for fish:// login

[Joey Hess]

Package: lftp
Version: 4.6.3a-1
Severity: normal

When the ssh server is configured to allow login via authorized_keys,
using lftp to connect to it with fish:// results in it prompting for a
password despite no password being needed. The password entered is never
used.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lftp depends on:
ii  libc6  2.19-22
ii  libgcc11:5.2.1-23
ii  libgnutls-deb0-28  3.3.18-1
ii  libidn11   1.32-3
ii  libreadline6   6.3-8+b3
ii  libstdc++6 5.2.1-23
ii  libtinfo5  6.0+20151024-1
ii  netbase5.3
ii  zlib1g 1:1.2.8.dfsg-2+b1

lftp recommends no packages.

lftp suggests no packages.

-- no debconf information

-- 
see shy jo


signature.asc
Description: PGP signature

Bug#777041: xbmc: unable to disable extensive debug logging

[Jonathan McDowell]

On Sun, Nov 29, 2015 at 07:48:42PM +0100, Bálint Réczey wrote:
> 2015-11-29 19:24 GMT+01:00 Jonathan McDowell :
> > On Fri, Nov 06, 2015 at 10:14:55AM +0400, Bálint Réczey wrote:
> >> > Looking at my XBMC which was started less than 2 days ago and breaking
> >> > down the log entry types I see:
> >> >
> >> >   9 WARNING:
> >> >  78 ERROR:
> >> > 320 INFO:
> >> > 390 NOTICE:
> >> >7366 DEBUG:
> >> >
> >> > This debug output is considerable compared to the normal output. I
> >> > understand the desire to have the debugging enabled by default to ease
> >> > support, but the GUI configuration should be showing this is the case
> >> > and it should be possible to turn it off.
> >
> >> I think the situation improved a lot with latest kodi packages. Could
> >> you please test them?
> >>
> >> Debugging is not enabled in debian/rules anymore by default.
> >
> > I'm running XBMC on a jessie box so I'm a bit wary about updating it
> > all; are there any plans to update the backport.debian.org packages to
> > 15.2 final rather than 15.2-rc3?

> They are practically the same[1] thus I did not find it important, but
> I'll update it because probably there are numerous users waiting for
> that.  I was also waiting for feedback on bugs like this one to see if
> I have to make additional changes before I create the backport.

> It sould be nice if you could upgrade and test the current version to
> see if this bug is still open.

I have upgraded to 15.2~rc3+dfsg1-1~bpo8+1 and I'm still seeing loads of
debug output, including every keypress:

22:34:52 T:140404543895616   DEBUG: OnKey: backspace (0xf008) pressed, action 
is Back

All visible debug options in the GUI (System -> Debugging) are disabled.

J.

-- 
101 things you can't have too much of : 44 - Fame.

Bug#806638: Acknowledgement (gnupg: Transfer of subkey to Yubikey 4 smart card fails (assertion error))

[David North]

On 29/11/15 17:21, Debian Bug Tracking System wrote:
> Thank you for filing a new Bug report with Debian.
> 
> This is an automatically generated reply to let you know your message
> has been received.
> 
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
> 
> Your message has been sent to the package maintainer(s):
>  Debian GnuPG-Maintainers 
> 
> If you wish to submit further information on this problem, please
> send it to 806...@bugs.debian.org.
> 
> Please do not send mail to ow...@bugs.debian.org unless you wish
> to report a problem with the Bug-tracking system.
> 

As a follow-up, I should add that I have now persuaded gnupg 2.x to
recognise the hardware, and it works correctly with keys up to 4096
bits. So I am no longer particularly concerned by this bug.

Bug#806648: sqlgrey: Please add logcheck rules to ignore info messages

[Kevin Locke]

Package: sqlgrey
Version: 1:1.8.0-1
Severity: normal
Tags: patch

Dear Maintainer,

Sqlgrey currently logs several informational messages to the syslog for
each connection and message during normal operation.  If logcheck is
installed, this results in a lot of unimportant messages being reported.

The logcheck maintainers recommend that packages maintain their own
logcheck rules.[1]  To that end I'm filing this bug along with the rules
which I am currently using.  I've attempted to match the prevailing
conventions in existing rules for hosts/IPs/emails, which could be made
more or less restrictive if desired.  The file should be installed as
/etc/logcheck/ignore.d.server/sqlgrey.

Thanks,
Kevin

1.  https://logcheck.alioth.debian.org/docs/README.Maintainer


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0+kevinoid1 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: conf: reloading static whitelists 
and smart regexps$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: domain awl match: updating 
[.:[:xdigit:]]+\([.:[:xdigit:]]+\), [._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: domain awl: [.:[:xdigit:]]+, 
$sender_domain added$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: early reconnect: 
[.:[:xdigit:]]+\([.:[:xdigit:]]+\), [[:graph:]]+@[._[:alnum:]-]+ -> 
[[:graph:]]+@[._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: from awl match: updating 
[.:[:xdigit:]]+\([.:[:xdigit:]]+\), 
[[:graph:]]+@[._[:alnum:]-]+\([[:graph:]]+@[._[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: from awl: [.:[:xdigit:]]+, 
[[:graph:]]+@[._[:alnum:]-]+ added$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: new: 
[.:[:xdigit:]]+\([.:[:xdigit:]]+\), [[:graph:]]+@[._[:alnum:]-]+ -> 
[[:graph:]]+@[._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: reconnect ok: 
[.:[:xdigit:]]+\([.:[:xdigit:]]+\), [[:graph:]]+@[._[:alnum:]-]+ -> 
[[:graph:]]+@[._[:alnum:]-]+ \([0-9:.]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: grey: throttling: 
[.:[:xdigit:]]+\($addr\), [[:graph:]]+@[._[:alnum:]-]+ -> 
[[:graph:]]+@[._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: perf: spent [0-9]+s cleaning: 
from_awl \([0-9]+\) domain_awl \([0-9]+\) connect \([0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: spam: [.:[:xdigit:]]+: 
[[:graph:]]+@[._[:alnum:]-]+ -> [[:graph:]]+@[._[:alnum:]-]+ at [0-9-]{10} 
[0-9:]{8}\.[0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sqlgrey: whitelist: 
[[:graph:]]+@[._[:alnum:]-]+, [.:[:xdigit:]]+\([._[:alnum:]-]+\) -> 
[[:graph:]]+@[._[:alnum:]-]+$

Bug#777041: xbmc: unable to disable extensive debug logging

[Bálint Réczey]

Hi Jonathan,

2015-11-29 19:24 GMT+01:00 Jonathan McDowell :
> On Fri, Nov 06, 2015 at 10:14:55AM +0400, Bálint Réczey wrote:
>> > Looking at my XBMC which was started less than 2 days ago and breaking
>> > down the log entry types I see:
>> >
>> >   9 WARNING:
>> >  78 ERROR:
>> > 320 INFO:
>> > 390 NOTICE:
>> >7366 DEBUG:
>> >
>> > This debug output is considerable compared to the normal output. I
>> > understand the desire to have the debugging enabled by default to ease
>> > support, but the GUI configuration should be showing this is the case
>> > and it should be possible to turn it off.
>
>> I think the situation improved a lot with latest kodi packages. Could
>> you please test them?
>>
>> Debugging is not enabled in debian/rules anymore by default.
>
> I'm running XBMC on a jessie box so I'm a bit wary about updating it
> all; are there any plans to update the backport.debian.org packages to
> 15.2 final rather than 15.2-rc3?
They are practically the same[1] thus I did not find it important, but
I'll update
it because probably there are numerous users waiting for that.
I was also waiting for feedback on bugs like this one to see if I have to make
additional changes before I create the backport.
It sould be nice if you could upgrade and test the current version to
see if this
bug is still open.

Cheers,
Balint

[1] 
https://anonscm.debian.org/cgit/pkg-multimedia/kodi.git/diff/?h=upstream/15.2%2bdfsg1

Bug#806647: ntp: outdated paths in README.Debian

[Christoph Anton Mitterer]

Package: ntp
Version: 1:4.2.8p4+dfsg-3+b1
Severity: minor


Hey.

The path in README.Debian:
/etc/dhcp3/dhclient.conf
is outdated, it's now /etc/dhcp/

Cheers.

Bug#777041: xbmc: unable to disable extensive debug logging

[Jonathan McDowell]

On Fri, Nov 06, 2015 at 10:14:55AM +0400, Bálint Réczey wrote:
> > Looking at my XBMC which was started less than 2 days ago and breaking
> > down the log entry types I see:
> >
> >   9 WARNING:
> >  78 ERROR:
> > 320 INFO:
> > 390 NOTICE:
> >7366 DEBUG:
> >
> > This debug output is considerable compared to the normal output. I
> > understand the desire to have the debugging enabled by default to ease
> > support, but the GUI configuration should be showing this is the case
> > and it should be possible to turn it off.

> I think the situation improved a lot with latest kodi packages. Could
> you please test them?
>
> Debugging is not enabled in debian/rules anymore by default.

I'm running XBMC on a jessie box so I'm a bit wary about updating it
all; are there any plans to update the backport.debian.org packages to
15.2 final rather than 15.2-rc3?

J.

-- 
If a program is useless, it must be documented.

Bug#806646: gsl: cannot compile libgsl from source

[Dirk Eddelbuettel]

On 29 November 2015 at 19:41, Krzysztof Marczak wrote:
| Source: gsl
| Version: 2.1+dfsg
| Severity: normal
| 
| Dear Maintainer,
| 
| I cannot compile libgsl from source, because configure script gives folowing
| error:
| 
| config.status: error: cannot find input file: `doc/examples/Makefile.in'
| 
| to compile from source I use folowing commands (this how I compiled version
| 1.16):
| 
| 1. apt-get source gsl-bin gsl-doc

No, that won't work. I have not update gsl-doc in a while.

Just build gsl.

| 2. cp -rv gsl-doc-1.16 gsl-2.1+dfsg/doc/
| 3. cd gsl-2.1+dfsg
| 4. ./configure
| 5. cd doc
| 6. ./configure
| 7. cd ..
| 8. make
| 9. sudo make install
| 
| it fails at point 4
| 
| Is it correct to compile gsl-2.1 with gsl-doc-1.16? This is probably source of
| problem.

Indeed.

_The packages I upload do build as uploaded_ or else we would not have
binaries for the eleven other architectures seen e.g. at the bottom of this
page: 
https://packages.debian.org/sid/gsl-bin

No bug here.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#672232: Re isc-dhcp-client: method to ignore settings provided by the server

[Christoph Anton Mitterer]

Control: severity -1 important
Control: tags -1 = security

Hey.

Still cannot believe that this hasn't been dealt with after so many
years... o.O

As explained previously, dhclient doesn't seem to allow to disable
certain security relevant options from being received (and configured)
from the server.

For example, even when setting:
request subnet-mask, broadcast-address, time-offset, routers,
domain-name-servers,
dhcp6.name-servers, dhcp6.fqdn,
netbios-name-servers, netbios-scope, interface-mtu,
rfc3442-classless-static-routes;

It would still take ntp servers, domain search path, etc. from the
server if that offers it.

These values however are quite security critical.
A rogue DHCP server may direct any client (e.g. a notebook connected to
any public network) to use a evil NTP server, which could ultimately
lead to a wrong system time being set, which in turn could lead to
expired certificates, software updates, etc. being used.

Similar, playing around with the domain search path could trick a
system into using/trusting/etc. the wrong names.

supersede isn't really of any help here since a) it doesn't seem to
properly work in all places, and b) one cannot use it do just "unset" a
server provided value (i.e. using the empty string or so doesn't work).


I just stumbled over this issue again, when we observed a successful
attack on two of our institutes notebooks.
Turned out in the end that their time/date must have been influenced
maliciously...


Michael, I've seen you've removed important, security and added
unreproducible without any further explanations... o.O

Adding these back, as the above examples clearly show that this can be
exploited,... further removing unreproducible as it was even confirmed
before by Felix and reproduction seems straight-forward.

Cheers,
Chris.

Bug#797516: (plymouth: Plymouth splash screen doesn't work properly in virtual enviornment running jessie)

[Laurent Bigonville]

tags -1 moreinfo
thanks

On Wed, 9 Sep 2015 05:37:21 + "Tomar, Tejendra Singh" 
 wrote:

> Dear Maintainer,

Hello,

> I had communication with Virtual Box folks and according to them 
there is dependency in Jessie or in plymouth which requires KMS driver 
for the boot splash.

>
> Is it a desired behaviour latest version of Plymouth as the previous 
version of Plymouth (0.8.5.1-5) was working perfectly on virtual 
environment ?

>
> For Reference https://www.virtualbox.org/ticket/14503

Are you still able to reproduce this with a recent version of plymouth?

It it's the case, could you please add plymouth.debug to the kernel 
cmdline and then attach the /var/log/plymouth-debug.log file to this 
bug-report?

Bug#806651: /etc/cron.daily/apt-cacher-ng exited with return code 255

[Peter Colberg]

Package: apt-cacher-ng
Version: 0.8.6-1+b1
Severity: normal

Dear Maintainer,

cron sends the following error report every day:

run-parts: /etc/cron.daily/apt-cacher-ng exited with return code 255

When the command is run manually, it fails silently with return code 255.

This is a fresh installation of apt-cacher-ng on unstable.

(Why is `acngtool maint` run under user root instead of user apt-cacher-ng?)

Regards,
Peter

Bug#806667: emacs24: FTBFS on sparc64, Bus Error during lucid build

[David Matthew Mattli]

Source: emacs24
Severity: normal
Tags: upstream patch
User: debian-sp...@lists.debian.org
Usertags: sparc64

Dear Maintainer,

The emacs24 build is currently failing on sparc64 with a Bus
Error. You can see an example build log here:

https://buildd.debian.org/status/fetch.php?pkg=emacs24=sparc64=24.5%2B1-5=1448688813

I've attached a patch that corrects an unaligned pointer dereference
in src/unexelf.c. But my fix is more of a hack and probably not suitable
for submitting to upstream.

I'm going to continue looking at this issue to try to create a 
more robust fix to offer upstream.

Below is a short explaination of what I've found looking into this
build failure.


The lucid build is failing with this error:

Loading /«BUILDDIR»/emacs24-24.5+1/debian/build-lucid/lisp/electric.el 
(source)...
Loading /«BUILDDIR»/emacs24-24.5+1/debian/build-lucid/lisp/tooltip.el 
(source)...
Finding pointers to doc strings...
Finding pointers to doc strings...done
Dumping under the name emacs
/bin/bash: line 7: 19090 Bus error   ./temacs --batch --load loadup 
bootstrap
make[3]: *** [bootstrap-emacs] Error 1
Makefile:815: recipe for target 'bootstrap-emacs' failed
make[3]: Leaving directory '/«BUILDDIR»/emacs24-24.5+1/debian/build-lucid/src'
make[2]: *** [src] Error 2
Makefile:389: recipe for target 'src' failed

Loading 'temacs' in gdb the bus error occurs in the file
src/unexelf.c, around line 980:

  */

  if (NEW_SECTION_H (nn).sh_offset >= old_bss_offset
  || (NEW_SECTION_H (nn).sh_offset + NEW_SECTION_H (nn).sh_size
  > new_data2_offset))
NEW_SECTION_H (nn).sh_offset += new_data2_incr;

With this instruction:

0x294c20   ldx  [ %g4 + 0x18 ], %g2

   // info reg g4 => 0x80011458013b -140732852076229

So it's trying to load an extended word (64bits, 8 bytes) from an
unaligned address.

NEW_SECTION_H is a macro that generates a pointer offset from
'new_section_h'.

static void * 
   entry_address (void *section_h, ptrdiff_t idx, ptrdiff_t entsize)
{
  char *h = section_h;
  return h + idx * entsize;
}

#define NEW_SECTION_H(n) \
  (*(ElfW (Shdr) *) entry_address (new_section_h, n, 
new_file_h->e_shentsize))

If 'new_section_h' is properly aligned this should be ok because it's
adding multiples of 'e_shentsize' which is 8. But new_section_h is
/not/ aligned so the resulting pointer is also not aligned.

Here is how 'new_section_h' is computed:

new_section_h = (ElfW (Shdr) *)
((byte *) new_base + old_file_h->e_shoff + new_data2_incr);

GDB says the components of this sum have these values:

(gdb) print new_base
$6 = (caddr_t) 0x8001126aa000 "\177ELF\002\002\001"
(gdb) print old_file_h->e_shoff
$7 = 15751616
(gdb) print new_data2_incr
$8 = 16582459


'new_base' and 'old_file_h->e_shoff' are both 8 byte aligned but
'new_data2_incr' is not.

'new_data2_incr' is calculated this way:

new_data2_incr = new_data2_size + (new_data2_offset - old_bss_offset);

It seems like 'new_data2_incr' is just an offset so it would be ok to
round it up to the nearest multiple of 8, using a function already
used in the file:

new_data2_incr = round_up(new_data2_incr, (ElfW (Addr))8);

Adding this line to src/unexelf.c allows the build to finish normally. 

-- System Information:
Debian Release: stretch/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'unstable')
Architecture: sparc64

Kernel: Linux 4.3.0-gentoo (SMP w/1 CPU core)
Locale: LANG=en_SG.UTF-8, LC_CTYPE=en_SG.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -779,6 +779,9 @@
  the end of the old .data section (and thus the offset of the .bss
  section) was unaligned.  */
   new_data2_incr = new_data2_size + (new_data2_offset - old_bss_offset);
+#ifdef __sparc_v9__
+  new_data2_incr = round_up(new_data2_incr, (ElfW (Addr))8);
+#endif
 
 #ifdef UNEXELF_DEBUG
   fprintf (stderr, "old_bss_index %td\n", old_bss_index);

Bug#806668: RM: pidgin-sipe [kfreebsd-amd64 kfreebsd-i386 mips64el] -- RoQA; outdated binaries

[Moritz Muehlenhoff]

Package: ftp.debian.org
Severity: normal

Hi,
please remove pidgin-sipe for [kfreebsd-amd64 kfreebsd-i386
mips64el]. There are long-standing problems to build more
recent versions and the outdated binaries still depend on
gstreamer 0.10.

Cheers,
Moritz

Bug#806612: [Debichem-devel] Bug#806612: cp2k: FTBFS when built with dpkg-buildpackage -A (different version of GNU Fortran)

[Santiago Vila]

On Sun, Nov 29, 2015 at 07:25:32PM +0100, Michael Banck wrote:
> > Even if your package is not directly to blame, I think it is important
> > to know how this happened and ensure that it will be fixed.
> 
> I think the reason is that testing now has gfortran-5.2, and the elpa
> package in testing has not been rebuilt with it since.  There was an
> elpa upload recently, but as it FTBFS on a few arches, it hasn't
> migrated yet.

But we have Depends, Build-Depends, sonames, and all that.

Is this a transition that we did wrong?

Or maybe this is a bug in the script that makes packages to propagate
to testing? (it used to be called britney if I remember well).

> So hrm, not exactly sure what to do about it.

The options are basically two:

* Do nothing, i.e. keep the bug open until the problem it's fixed.
* Clone/reassign/retitle as appropriate.

Bug#806669: [rt.debian.org #6071] AutoReply: Please add Marc Fournier's key to the DM keyring

[Aníbal Monsalve Salazar]

Control: package debian-maintainers
Control: tags -1 + pending

Hello Marc Fournier,

Your DM application was accepted and the corresponding RT ticket is
posted at https://rt.debian.org/Ticket/Display.html?id=6071

Currently, rt.debian.org isn't accessible for the general public. It
was so sometime ago. Maybe one of your advocates will look at your RT
ticket for you, after it has been taken by a keyring maintainer. See
http://wiki.debian.org/rt.debian.org

Thank you for your contribution to the Debian Project.

Cheers,

Aníbal

On Sun, 2015-11-29 21:08:11 +, Debian Keyring requests (Incoming) via RT 
wrote:
> This message has been automatically generated in response to the
> creation of a trouble ticket regarding
>
>   "Please add Marc Fournier's key to the DM keyring",
>
> a summary of which appears below the dashed line.
>
> There is no need to reply to this message right now.  Your ticket has
> been assigned an ID of [rt.debian.org #6071].
>
> Please include the string
>
>   [rt.debian.org #6071]
>
> in the subject line of all future correspondence about this issue. To
> do so, you may reply to this message.
>
> -
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> 
> keyring-maint:
>   please add key ID 1726090DD276E81507A92B18116F5E3AB368A4EB
> to the DM keyring
>   please notify 806669-d...@bugs.debian.org
> 
> Changed-By: Anibal Monsalve Salazar 
> Date: Sun, 29 Nov 2015 21:03:45 +
> BTS: https://bugs.debian.org/806669
> Comment: Add Marc Fournier as a Debian Maintainer
> Agreement: https://lists.debian.org/debian-newmaint/2015/11/msg00015.html
> Advocates:
>   bzed - https://lists.debian.org/debian-newmaint/2015/11/msg00028.html
>   tokkee - https://lists.debian.org/debian-newmaint/2015/11/msg00031.html
> KeyCheck:
>   pub   4096R/B368A4EB 2011-01-27 [expires: 2016-11-06]
> Key fingerprint = 1726 090D D276 E815 07A9  2B18 116F 5E3A B368 A4EB
>   uid  Marc Fournier 
>   sig! C70218D2 2011-02-09  Frederic Peters 
>   sig! 2BEF0A33 2011-02-01  Didier Raboud 
>   sig! 02D1BC65 2011-02-07  Peter Van Eynde 
>   sig! F3D57033 2011-02-07  Dario Minnucci 
>   sig! A74420EF 2011-02-13  Christoph Goehre 
>   sig! BAF91EF5 2011-02-23  Gaudenz Steinlin 
> 
>   sig! 9F84F4DE 2011-03-19  Iustin Pop 
>   sig! E397832F 2011-03-27  Luca Capello 
>   sig!3B368A4EB 2011-01-27  Marc Fournier 
>   sig!3B368A4EB 2015-11-07  Marc Fournier 
>   sig!2   P999BBCC4 2011-02-01  Martin F. Krafft 
>   sub   4096R/A6EC05C3 2011-01-27
>   sig! B368A4EB 2011-01-27  Marc Fournier 
>   .
>   Key is OpenPGP version 4 or greater.
>   Key has 4096 bits.
>   Valid "e" flag, no expiration.
>   Valid "s" flag, expires Sun 06 Nov 2016 20:23:56 UTC.
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
> 
> iQIcBAEBCgAGBQJWW2jjAAoJEHxWrP6UeJfYrXwP/2O7imNYAFAyTAh+/c5hJgPq
> GfpR4sIYiPSA5tUz7hZ7ro+LTcTjc295o5371xLvfpCERZ49UjTM6uLiGLAG3xPm
> 2cxzGK9HUE6fByf+qhskgU0qSlCOGNt29qkZY4DlUHNQtl2/yh1n0Loebwy8Y2E1
> mlNiq2lFL51OLFiwh16fKPJ7izAb8rkKZbdoI8wPfq+V1WaqLi/ipN0gwgqFY8lm
> kXpBh7zzzTozdiX6/eNUdHU8L6EuX5aS3WZcL4HptCvepB7lF58OafyQ5uVqNLv6
> NUZ6RehQev8wqhI1NNrNy2ivU/kLF1OJC2vxIAeq0Kl21mzJtdHR5WUGFpHBdkws
> T0sTH1etBlCPy2kchvNdBG12bIr7wnnLirMTjzDzTH4biluIgj5nbClUJAWxITT8
> HwNI9+MUvsNPI5mBfFe6P9yEpePLIyavPDz8R3jqrcmrTDKCswjKnb5Alpm6TU77
> p/YxD929JrSmqCUuZLv23GHF4gSTwpN8hj0kPMJbDbW4VC2/RJ41bMUtMVKxSpF1
> 8DExyHK5Cl44bNMoGE3sj8hY1CXtjc1mGNtcrJ4/w0/fHDQVLerU9RHvJeGvH+sK
> ldcbotow50oqD8KVXWBeje4djMLhnyTGhPa4E8QsCf6lEh7ItlDwr9VlkA+k0J/g
> OFw++uT4yuzYeG7rdH3v
> =xkId
> -END PGP SIGNATURE-


signature.asc
Description: Digital signature

Bug#804172: jessie-pu: package spip/3.0.17-2+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2015-11-26 at 22:12 -0400, David Prévot wrote:
> Le 26/11/2015 17:21, Adam D. Barratt a écrit :
> > On Thu, 2015-11-05 at 14:10 -0400, David Prévot wrote:
> >> As agreed with the security team, the two XSS fixes from the latest
> >> upstream version do not deserve a DSA, yet I’d like to fix them via pu
> 
> > Please go ahead; sorry for the delay.
> 
> Uploaded and accepted, thanks.

Flagged for acceptance.

Regards,

Adam

Bug#806165: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u5

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2015-11-26 at 22:10 -0400, David Prévot wrote:
> Le 26/11/2015 17:22, Adam D. Barratt a écrit :
> > On Tue, 2015-11-24 at 19:12 -0400, David Prévot wrote:
> >> As agreed with the security team, this update aims to fix a security
> >> issue in zendframework
> 
> > Please go ahead.
> 
> Uploaded and accepted, thanks.

Flagged for acceptance, thanks.

Regards,

Adam

Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore

[Christoph Anton Mitterer]

Package: ifupdown
Version: 0.7.54
Severity: important



Hi.

Since NM is more or less forced upon people I usually us that for
daily network configuration... so I don't know when the following
problem started.

When I configure a iface like this:
> iface eth0 inet dhcp
then I get (from the same router) both, v4 and v6 addresses.

However, when having something similar for a wlan:
>iface wlan0-bar inet dhcp
>wpa-ssidbar
>
>wpa-key-mgmtWPA-PSK
>wpa-psk foo

I only get v4 addresses.

It works with NM, so I don't think it's a misconfiguration
of the router or dhclient.conf.


Now there is obviously the address family inet6 in /e/n/interfaces.
I never understood how that is actually used/needed for.

E.g. as above with eth0, inet already configures v6.
How would one configure e.g. a wlan to also have inet6...
does one really have to duplicate all the wpa-* stanzas
for both inet and inet6?

Or, is in the case of dhcp, inet vs. inet6 rather the family over
which DHCP is tried (i.e. DHCPv4 vs. DHCPv6) and not
the addresses that are configured in the end?


Cheers,
Chris.



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ifupdown depends on:
ii  adduser  3.113+nmu3
ii  initscripts  2.88dsf-59.2
ii  iproute2 4.3.0-1
ii  libc62.19-22
ii  lsb-base 9.20150917

Versions of packages ifupdown recommends:
ii  isc-dhcp-client [dhcp-client]  4.3.3-5

Versions of packages ifupdown suggests:
ii  ppp 2.4.6-3.1
pn  rdnssd  

-- debconf information:
  ifupdown/convert-interfaces: true

Bug#806651: /etc/cron.daily/apt-cacher-ng exited with return code 255

[Eduard Bloch]

Hallo,
* Peter Colberg [Sun, Nov 29 2015, 02:56:30PM]:
> Package: apt-cacher-ng
> Version: 0.8.6-1+b1
> Severity: normal
> 
> Dear Maintainer,
> 
> cron sends the following error report every day:
> 
> run-parts: /etc/cron.daily/apt-cacher-ng exited with return code 255

AFAICS this is only possible if no connection to the daemon could be
established.

> When the command is run manually, it fails silently with return code 255.

Of course... why should cron lie to you?

> This is a fresh installation of apt-cacher-ng on unstable.

Is the apt-cacher-ng daemon running?

> (Why is `acngtool maint` run under user root instead of user apt-cacher-ng?)

You don't need a special user to do TCP/IP connections. Is your system
environment restricted, SElinux or apparmor jails etc.?

Regards,
Eduard.

Bug#806612: [Debichem-devel] Bug#806612: cp2k: FTBFS when built with dpkg-buildpackage -A (different version of GNU Fortran)

[Santiago Vila]

On Sun, Nov 29, 2015 at 06:53:24PM +0100, Michael Banck wrote:
> Hi Santiago,
> 
> On Sun, Nov 29, 2015 at 04:22:14PM +, Santiago Vila wrote:
> > Package: src:cp2k
> > Version: 2.6.1-2
> > User: sanv...@debian.org
> > Usertags: binary-indep
> > Severity: important
> > 
> > Dear maintainer:
> > 
> > I tried to build this package with "dpkg-buildpackage -A"
> > (i.e. only architecture-independent packages), and it failed:
> 
> which architecture was this on?

amd64 on testing (stretch).


This could be a compiler bug which is fixed in unstable, but it could
be also a badly done transition (which includes not doing a transition
when a transition was required).

Even if your package is not directly to blame, I think it is important
to know how this happened and ensure that it will be fixed.

Thanks.

Bug#806324: qgis: FTBFS on testing (unrecognized relocation in linking stage)

[Sebastiaan Couwenberg]

On 29-11-15 16:20, Yorik van Havre wrote:
> Apparently something changed or is buggy in latest libqt4-dev (which contains 
> libQtUiTools.a).

That's my impression too. The problem is not qgis, it's in its dependencies.

> Are you sure that qgis still builds with unstable?

Yes, as I wrote in message #10:

"
 Have you verified that it affects unstable too?
 Because my unstable builds succeed just fine.
"

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806324#10

> It seems to me that all the Qt4 stuff is now at same version
> between testing and unstable...
> 
> Probably this bug is actually in one of the Qt4 packages...

Or the interaction with its dependencies, qt4 should be the same in
testing and unstable, its dependencies in turn may not be.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#806459:

[Jeff Bai]

Please ignore this bug! The issue can be solved with adding SHA1 and SHA256
hash sum information to the Release file.

We only provided MD5Sum before, and that apparently annoys Apt 1.1. Bug
extra security for the users, eh?

Sorry for the trouble.

Bug#804575: insighttoolkit4: build-depends on libdcmtk2-dev which is no longer built

[Gert Wollny]

> So let's say this is not urgent or RC, but it'd be good to change it
> in the next upload. It is trivial to change anyway ;)

Well, since itk-4.8.2 is out and gdcm was rejected by ftp master, I
will do another upload shortly, and when the new gdcm version has
passed NEW, we can request a new build. Although it may very well be
that at that time itk-4.9 is already out. 

Best, 
Gert 

Bug#806676: [pkg-ntp-maintainers] Bug#806676: ntp: /etc/dhcp/dhclient-exit-hooks.d/ntp incorrectly parses /etc/ntp.conf

[Kurt Roeckx]

On Sun, Nov 29, 2015 at 11:26:00PM +0100, Christoph Anton Mitterer wrote:
> Package: ntp
> Version: 1:4.2.8p4+dfsg-3+b1
> Severity: normal
> 
> 
> Hi.
> 
> /etc/dhcp/dhclient-exit-hooks.d/ntp parses /etc/ntp.conf and tries to
> remove any server and peer stanzas.
> 
> - It fails however to remove any such, that have been indented by e.g.
> tabs.
> - Further, it would remove any other stanzas staring with "server" or
>   "peer" should any such be ever supported by ntp
> 
> Please replace:
> sed -r -e '/^ *(server|peer).*$/d' $NTP_CONF
> with
> sed '/^[[:space:]]*\(server\|peer\)[[:space:]]/d' $NTP_CONF
> 
> 
> Also, it doesn't remove any pool stanzas... not sure if
> this should be done or not?

Yes, I think pool should be treated just like server and peer.


Kurt

Bug#806542: liblinux-prctl-perl: autopkgtest failures: seccomp, capbset

[Antonio Terceiro]

Hi,

On Sun, Nov 29, 2015 at 07:53:55PM +0100, Salvatore Bonaccorso wrote:
> Hi Niko, hi Antonio
> 
> On Sat, Nov 28, 2015 at 09:03:30PM +0200, Niko Tyni wrote:
> > On Sat, Nov 28, 2015 at 07:22:01PM +0100, Salvatore Bonaccorso wrote:
> > 
> > > > Package: liblinux-prctl-perl
> > > > Version: 1.6.0-2 
> > 
> > > > This package recently started failing its autopkgtest checks on 
> > > > ci.debian.net:
> > 
> > > Thanks for reporting this. I can reproduce the test failures if I
> > > build in a LXC container (running sid) on a sid host.
> > > 
> > > As datapoint: Looks ci.d.n switched from schroot based test to LXC
> > > based for at least liblinux-prctl-perl.
> > 
> > Yeah, that makes sense. I expect the failures are just caused
> > by different defaults and/or restrictions inside lxc containers.

Yes, it did. I have a pending announcement email to send about that and
other things.

> So indeed this seems the reason. First for the t/capbset.t failures.
> The LXC configuration for the debian template contain:
> 
>  12 # Default capabilities
>  13 lxc.cap.drop = sys_module mac_admin mac_override sys_time
> 
> and in same way for t/seccomp.t, this is caused by:
> 
>  63 # Blacklist some syscalls which are not safe in privileged
>  64 # containers
>  65 lxc.seccomp = /usr/share/lxc/config/common.seccomp
> 
> where in common.seccomp:
> 
>   1 2 
> 
>   2 blacklist
>   3 reject_force_umount  # comment this to allow umount -f;  not recommended
>   4 [all]
>   5 kexec_load errno 1
>   6 open_by_handle_at errno 1
>   7 init_module errno 1
>   8 finit_module errno 1
>   9 delete_module errno 1
> 
> In this configuration, get_seccomp will return 2, 
> 
> # perl -E 'use Linux::Prctl qw(:constants :functions); say get_seccomp();'
> 2
> 
>PR_GET_SECCOMP (since Linux 2.6.23)
>   Return (as the function result) the secure computing mode of the
>   calling thread.  If the caller is not in secure computing  mode,
>   this operation returns 0; if the caller is in strict secure com-
>   puting mode, then the prctl() call will cause a  SIGKILL  signal
>   to be sent to the process.  If the caller is in filter mode, and
>   this system call is allowed by the seccomp filters,  it  returns
>   2.  This operation is available only if the kernel is configured
>   with CONFIG_SECCOMP enabled.

I'm not sure how to proceed. Granted the lxc setup is way more secure
than the previous schroot one, but we need to reach a compromise between
being secure and being useful. Also, if some code is allowed to be
executed on the buildds -- as I imagine this part of the test suite is
-- it should also be allowed to run on CI. :)

Do you have a recommendation on which lxc settings we might want to
change for the CI test beds?

Also note that at some point I want to add full virtualization with
qemu+kvm, so if it's too difficult to figure out what needs to be
changed maybe we can just declare this tests as needing full
virtualization and they will be skipped for now.

-- 
Antonio Terceiro 


signature.asc
Description: PGP signature

Bug#806596: TarMember.name throws UnicodeDecodeError on some filenames

[Iain Lane]

Package: python3-apt
Version: 1.0.1
Severity: normal
Tags: upstream

Hi,

I noticed that TarMember.name throws UnicodeDecodeErrors on some deb files. A
current example in Debian:

> (desktop-sid-amd64)root@nightingale:/home/laney/temp# python3 -c "from 
> apt_inst import DebFile; DebFile('aspell-is_0.51-0-4_all.deb').data.go(lambda 
> member, data: member.name)"
> Traceback (most recent call last):
>   File "", line 1, in 
>   File "", line 1, in 
> UnicodeDecodeError: 'utf-8' codec can't decode byte 0xed in position 15: 
> invalid continuation byte

Since this comes from within python-apt itself it doesn't seem possible to
work around. I guess TarMember.name should be bytes (it works in python2).

Cheers,
-- 
Iain Lane  [ i...@orangesquash.org.uk ]
Debian Developer   [ la...@debian.org ]
Ubuntu Developer   [ la...@ubuntu.com ]

Bug#796588: Bug796588#: adjtimex: Has init script in runlevel S but no matching service file

[Roger Shimizu]

Dear Felipe and Andreas,

Your detailed feedback is really helpful.
I really appreciate your kindness help!

Enclosed my updated adjtimex.service file.
Here's the explanation why I changed a bit.

>> [Unit]
>> Description=adjtimex service in early boot
> I think the description of the init script is better: "set the kernel
> time variables".

I changed to "Description=the kernel time variables setting"
Because it's more proper in the log with context:

Nov 29 22:36:01 sid systemd[1]: Starting the kernel time variables setting...
Nov 29 22:36:01 sid systemd[1]: Started the kernel time variables setting.

>> #RemainAfterExit=yes
> I have seen that Type=oneshot services that do not have
> RemainAfterExit=yes can be executed multiple times during boot. This
> may or may not be a problem here.
> The RemainAfterExit directive controls wether systemd considers the
> unit "active" after all the running processes in the unit exited. This
> can trigger multiple runs during boot, if at some point this unit is
> wanted, but it already ran and exited. My sense is that
> RemainAfterExit should be =yes for most Type=oneshot service.
> Unfortunately, that means that to manually re-run the unit, one needs
> to do a "restart" instead of a "start" to make systemd run the program
> again.

Considering adjtimex is simply set time ticking related kernel
variables on boot, it won't look after those kernel variables, which
may be changed by other processes, such as NTP client, I think it's
better to indicate the user that adjtimex service is NOT "active"
after exiting. So I removed the line completely.

If you're comfortable with this version of adjtimex.service, together
with another minor fix, I'll build a package to upload to mentors, and
ask for sponsor in mentors list.

Thanks again!

Cheers,
Roger


adjtimex.service
Description: Binary data

Bug#806595: aptitude: Changelog download throws warning: "W: Can't drop privileges for downloading as file '/tmp/aptitude-root.15442:qGi6mn/aptitudeDownload6J+8J:+PsVGmTNm^.^::Lz:%.Hi55VKA' couldn't b

[Axel Beckert]

Hi,

Axel Beckert wrote:
> on the commandline as well in the TUI, aptitude throws a warning when
> trying to download and display a changelog as root as well as user:

Forgot to mention: This happens since aptitude has been compiled
against 1.1 and shows up with all three apt releases since then (1.1,
1.1.1 and 1.1.2).

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#806597: freedombox-setup: Fix failing tests at ci.debian.org

[Sunil Mohan Adapa]

Package: freedombox-setup
Version: 0.6
Severity: normal
Tags: patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

The attached patch proposes the following changes:

Update Debian CI test case

- - XS- prefix Testsuite: field in Source: section is no longer necessary.

- - Running inside schroot is not enough for freedombox-setup.  It may
  start services and may listen on network ports.  For these cases it is
  recommended to use strong virtualization like Qemu.  Added
  'breaks-testbed' for this reason.

- - Remove code for building a chroot environment.  Depend on 'adt-run' to
  create a proper Qemu based virtual machine for freedombox-setup tests.

- - There is usually a lot of output in stderr when setup is executed.
  autopkgtest will treat these a hard errors.  Allow output on stderr
  using 'allow-stderr' restriction flag.



- -- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJWWwdlAAoJEDbDYUQMm8lxZYYP/08tDb4vGY7MvGRvpbrVLaSF
6fowb48fjwrbF+IolRYUlSYflrKBZN2965yg+LnC5GO/p9DzP6Oa/DNG/cJLrebQ
Ca06U4aBVuVQJxLYcuR5iszz/kcIwSY8F98Lzy4zQKw5GnnRjQG70Mhg/BAFyoDK
yOh/9CV3U48JklRK7/PhNm9TRVMtu88WPtLp9HSPTpRTcTcu9B3l88hxuSogZMn3
ZpVQGQon/qZvAMOaKu0rRt5uaWrMA7HqHoTI2N+igiSHrFuW0JeeoKAVxXVfZALu
Z0oerAgosqqi7tp8eF8rVQPzxqWKWlOjJ9MeQ2APrOMDCLABCPdRI5nQskoUH4DQ
9pJwiuupvXQMUMagfP3gmmh03uuJGFuZIeFmjE0xEHnzvkgn6SazTBTMIH6AVD49
FoiARTN0VXfzQR1x8rBP4MuMOfhIlmX/dujVD+jVBXV28O/6RiyG/vc8ZCfjuO5j
T8pODN+1h/w8t02v7tbTqYDmEnGouE+yhEz6F5KlIW0kg/reSC/oNaJwa9YFWn02
tikRikVyKVqTtpGojBua81xivOgiw32RM+kYbsR90u5eO+vSu9SBKkpx0489G6K6
WoEQBzq0Ckf8COBhdnv1YZOT8pRH1Z1ky/CZnK0R2pgjeOfiIb3IBU78SS8wksjn
xkZpwKmTAAefFKrWBLKO
=yQl3
-END PGP SIGNATURE-
>From 617b40d68cba39072033eb687bea5c10d642df90 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Sun, 29 Nov 2015 16:22:54 +0530
Subject: [PATCH] Update Debian CI test case

- XS- prefix Testsuite: field in Source: section is no longer necessary.

- Running inside schroot is not enough for freedombox-setup.  It may
  start services and may listen on network ports.  For these cases it is
  recommended to use strong virtualization like Qemu.  Added
  'breaks-testbed' for this reason.

- Remove code for building a chroot environment.  Depend on 'adt-run' to
  create a proper Qemu based virtual machine for freedombox-setup tests.

- There is usually a lot of output in stderr when setup is executed.
  autopkgtest will treat these a hard errors.  Allow output on stderr
  using 'allow-stderr' restriction flag.
---
 debian/control  |  2 +-
 debian/tests/control|  5 ++-
 debian/tests/test-chroot| 74 -
 debian/tests/test-run-setup |  5 +++
 4 files changed, 8 insertions(+), 78 deletions(-)
 delete mode 100755 debian/tests/test-chroot
 create mode 100755 debian/tests/test-run-setup

diff --git a/debian/control b/debian/control
index 1397b95..208d754 100644
--- a/debian/control
+++ b/debian/control
@@ -16,7 +16,7 @@ Build-Depends: debhelper (>= 9)
  , zip
  , libwww-perl
 Standards-Version: 3.9.6
-XS-Testsuite: autopkgtest
+Testsuite: autopkgtest
 Homepage: https://wiki.debian.org/FreedomBox
 Vcs-Git: git://anonscm.debian.org/freedombox/freedombox-setup.git
 Vcs-Browser: http://anonscm.debian.org/cgit/freedombox/freedombox-setup.git
diff --git a/debian/tests/control b/debian/tests/control
index 0fa2752..0ba14fa 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -1,3 +1,2 @@
-Tests: test-chroot
-Depends: debootstrap
-Restrictions: needs-root
+Tests: test-run-setup
+Restrictions: needs-root, breaks-testbed, allow-stderr
diff --git a/debian/tests/test-chroot b/debian/tests/test-chroot
deleted file mode 100755
index 57f7f48..000
--- a/debian/tests/test-chroot
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Enable when debugging
-#set -x
-
-at_exit() {
-for m in $umount ; do
-	echo info: umounting "$m"
-	umount "$m"
-done
-}
-
-trap at_exit INT TERM EXIT
-
-chroot_test() {
-cd $ADTTMP
-
-suite=unstable
-target=test-chroot-$suite
-
-DEBIAN_FRONTEND=noninteractive
-export DEBIAN_FRONTEND
-
-debootstrap --include freedombox-setup $suite $target
-
-printf "#!/bin/sh\nexit 101\n" > $target/usr/sbin/policy-rc.d
-chmod a+rx $target/usr/sbin/policy-rc.d
-
-# Workaround for resolvconf not working in chroot without /run
-# mounted.
-rm $target/etc/resolv.conf
-cp /etc/resolv.conf $target/etc/resolv.conf
-
-# Make sure chroot have some kind of hostname set in /etc/
-if [ -e /etc/hostname ] ; then
-cp /etc/hostname $target/etc/hostname
-else
-echo 

Bug#806598: nagios-plugins-contrib: check_memory broken with new free output

[Simon Ruderich]

Package: nagios-plugins-contrib
Version: 15.20150818
Severity: normal
Tags: patch

Hello,

The output of free doesn't anymore contain the "buffers/cache"
line breaking the check_memory plugin. The attached patch uses
instead the new "available" column to calculate the free memory
as it seems to be a better estimation of free (usable) memory.

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
--- check_memory.orig	2015-08-18 18:17:21.0 +0200
+++ check_memory	2015-11-29 15:14:07.493644046 +0100
@@ -104,12 +104,23 @@
   or $np->nagios_exit('CRITICAL', "Could not run $FREECMD");
 
 warn("Output from $FREECMD:\n") if ($verbose > 1);
-my ($used, $free);
+my $new_format = 0;
+my ($total, $used, $free);
 while () {
   warn("  $_") if ($verbose > 1);
-  next unless (m#^\-/\+\ buffers/cache:\s*(\d+)\s+(\d+)#);
-  $used = $1;
-  $free = $2;
+  # New `free` output from procps doesn't provide "buffers/cache" anymore, but
+  # provides a better estimate of available memory ("available" column).
+  $new_format = 1 if m{^\s+total\s+used\s+free\s+shared\s+buff/cache\s+available$};
+
+  if ($new_format and /^Mem:\s+(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+(\d+)$/) {
+$total = $1;
+$free = $2; # available column
+$used = $total - $free; # used is everything which is not available
+  } elsif (m#^\-/\+\ buffers/cache:\s*(\d+)\s+(\d+)#) {
+$used = $1;
+$free = $2;
+$total = $used + $free;
+  }
 }
 
 close(RESULT);
@@ -117,7 +128,6 @@
 
 $np->nagios_exit('CRITICAL', "Unable to interpret $FREECMD output") if (!defined($free));
 
-my $total = $used + $free;
 if (defined($warning) && $warning =~ /^\d+%$/) {
   if ($warning) {
 $warning =~ s/%//;


signature.asc
Description: PGP signature

Bug#796588: Bug796588#: adjtimex: Has init script in runlevel S but no matching service file

[Felipe Sateler]

On 29 November 2015 at 11:04, Roger Shimizu  wrote:
> Dear Felipe and Andreas,
>
> Your detailed feedback is really helpful.
> I really appreciate your kindness help!
>
> Enclosed my updated adjtimex.service file.
> Here's the explanation why I changed a bit.
>
>>> [Unit]
>>> Description=adjtimex service in early boot
>> I think the description of the init script is better: "set the kernel
>> time variables".
>
> I changed to "Description=the kernel time variables setting"
> Because it's more proper in the log with context:
>
> Nov 29 22:36:01 sid systemd[1]: Starting the kernel time variables setting...
> Nov 29 22:36:01 sid systemd[1]: Started the kernel time variables setting.

Note that this is not the only place that this description appears. It
also shows in the output of "systemctl status adjtimex.service", or
"systemctl list-units". This should really be a full descriptive
sentence. Maybe, "Adjust kernel time variables".


>
>>> #RemainAfterExit=yes
>> I have seen that Type=oneshot services that do not have
>> RemainAfterExit=yes can be executed multiple times during boot. This
>> may or may not be a problem here.
>> The RemainAfterExit directive controls wether systemd considers the
>> unit "active" after all the running processes in the unit exited. This
>> can trigger multiple runs during boot, if at some point this unit is
>> wanted, but it already ran and exited. My sense is that
>> RemainAfterExit should be =yes for most Type=oneshot service.
>> Unfortunately, that means that to manually re-run the unit, one needs
>> to do a "restart" instead of a "start" to make systemd run the program
>> again.
>
> Considering adjtimex is simply set time ticking related kernel
> variables on boot, it won't look after those kernel variables, which
> may be changed by other processes, such as NTP client, I think it's
> better to indicate the user that adjtimex service is NOT "active"
> after exiting. So I removed the line completely.
>
> If you're comfortable with this version of adjtimex.service, together
> with another minor fix, I'll build a package to upload to mentors, and
> ask for sponsor in mentors list.

> Environment="TICK=1 FREQ=0"

I don't think this works. There should be no quotes there, or systemd
might treat TICK variable as containing "1 FREQ=0".

> EnvironmentFile=-/etc/default/adjtimex
> ExecStart=/sbin/adjtimex -tick "$TICK" -frequency "$FREQ"

I think the quotes are superfluous. If you want to preserve quoting,
systemd does it by using ${TICK} and ${FREQ} syntax.

There is more information on using variables here:
http://www.freedesktop.org/software/systemd/man/systemd.service.html#Command%20lines

-- 

Saludos,
Felipe Sateler