Bug#338889: Overzealously prefers signed packages to identical unsigned ones
: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages apt depends on: ii libc6 2.3.5-6GNU C Library: Shared libraries an ii libgcc1 1:4.0.2-3 GCC support library ii libstdc++64.0.2-3The GNU Standard C++ Library v3 apt recommends no packages. -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Modem sex begins with a handshake. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#339030: svlogd appends extra newline to lines logged to file if also logging to udp
Package: runit Version: 1.3.1-1 Severity: normal Hi, I recently started seeing extra newlines between the messages in my system logs (logged via socklog and svlogd). stracing svlogd I see this (sorry about the long lines): read(0, mail.info: Nov 14 16:40:21 amavis[2679]: (02679-12) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], Hits: -2.592\n, 1024) = 207 gettimeofday({1131982821, 161063}, NULL) = 0 sendto(6, mail.info: Nov 14 16:40:21 amavis[2679]: (02679-12) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], Hits: -2.592\n, 207, 0, {sa_family=AF_UNSPEC, sa_data=\2\2\230BS\205\0\0\0\0\0\0\0\0}, 16) = 207 write(7, @40004378afef0999a24c mail.info: Nov 14 16:40:21 amavis[2679]: (02679-12) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], Hits: -2.592\n\n, 234) = 234 As you can see, the line as read from stdin only had one \n at the end; it was then transmitted via udp to a log server, still with only one \n at the end; and then, it was logged to a file with an extra \n. The config file for the relevant log directory reads: --- cut here --- s50 n25 -* +*:*:*:* amavis* +*: amavis* !/usr/local/sbin/multilogcheck amavis uIP.OF.LOG.SERVER --- cut here --- If I remove the last line (uIP.OF.LOG.SERVER), the extra newline is no longer appended. Andras -- System Information: Debian Release: unstable APT prefers breezy-security APT policy: (500, 'breezy-security'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7-chardonnay-skas3-v8-rc2 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A faba szorult favago esete Toth Marival. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#338889: Overzealously prefers signed packages to identical unsigned ones
On Wed, Nov 23, 2005 at 04:47:02PM +0100, Michael Vogt wrote: Hi, I have a local package repository that is pieced together from many different sources. I don't have a signed Release file (is there an easy way to generate one automatically?); I only generate my own Packages file. It's a matter of runing apt-ftparchive and gpg, see apt-secure(8) for a discussion. OK, will do; thanks. Nevertheless, when apt-get needs to fetch packages, it ignores my local repository and downloads the exact same packages from the net instead, presumably because those repositories are signed. (But do correct me if I'm wrong.) [..] Yes, it's a feature of apt to prefer signed sources. But if you run it with --allow-unauthenticated, it should behave exactly as the 0.5.x versions. Can you please try/confirm this? This switch seems to work as advertised here; alas, the manpage isn't very clear about it - it just seems to say that this turns off the prompt about unsigned packages. This is a good enough workaround for me, but I still think the new behaviour is wasteful (it wastes bandwidth) - if two packages have the same size and md5sum, they can IMO be assumed to have the same signatures too. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Whoever decided to limit taglines to a single line can just kiss my -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386608: svlogd: please warn about buffer size
Package: runit Version: 1.5.1-1 Severity: wishlist Hi, svlogd can become a performance bottleneck if log traffic is high. The pipe buffer between it and the service is filled and svlogd doesn't read older messages quickly enough with the default buffer size of 1024. In one particular scenario, increasing buffer size to 16384 (with -b) reduced system cpu time from 80% to about 65%. I can imagine several ways of dealing with this problem: - increase default buffer size (probably unnecessary); - point out performance effect in documentation; - print warnings to stderr if the read() returns buflen characters a suitably low consecutive N times in a row (which would indicate buffer congestion); - instead of (or in addition to) the warning, increase the buffer adaptively (max. size should be configurable); - (probably overkill:) make svlogd multi-threaded, with one thread constantly reading the input and stuffing it into a larger buffer for the other thread to retrieve and commit to disk/udp. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: All programmers are optimists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#375433: Please support custom commands in sv and/or runsv
Hi Gerrit, I just realized that for custom commands like 'reload' to work, it's not even necessary to go through runsv; sv could manage it on its own, just like it does 'check'. You'd just need the custom scripts in the service directory, where check resides anyway (or in a subdirectory so you could have actions called 'run' and 'finish'). sv could then just call the corresponding script when called with an unknown command argument, preferably changing to the service directory first so that things like 'sv h .' work (which is what 'reload' would do in many cases). What do you think? Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: It doesn't work, but it looks pretty. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391165: runit retains a controlling tty; ctrl-c on tty1 reboots/halts system
Subject: runit: retains a controlling terminal; ctrl-c on tty1 halts/reboots system Package: runit Version: 1.6.0-1 Severity: important Hi, under some (unknown) circumstances, runit(8) retains a controlling tty: USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.010420 tty1 Ss+ 09:07 0:00 runit This has the important side effect that the getty-1 service is unable to set its own controlling tty to tty1, and that pressing ctrl-c in the login shell started by getty-1 will deliver the SIGINT to runit so that a ctrl-alt-del event is triggered. This doesn't happen on all computers I run runit on, but it happened on at least two (one amd64, one i386). Both run runit 1.6.0-1. I guess replacing /sbin/init with a shell script that does exec chpst -P runit-init might be a workaround, but I'd be happier if this weren't necessary. :) -- System Information: Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-utopia Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) runit depends on no packages. Versions of packages runit recommends: pn fgettynone (no description available) -- no debconf information Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Make love not war - see me for details. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391165: runit retains a controlling tty; ctrl-c on tty1 reboots/halts system
On Thu, Oct 05, 2006 at 08:47:37AM +, Gerrit Pape wrote: Hi, under some (unknown) circumstances, runit(8) retains a controlling tty: Hi Andras, can you please check the kernel versions on the affected systems? I've reports that this problem happens with some 2.6 kernel versions, most probably starting with some minor version. You seem to be right: all affected systems run 2.6.17 (either Ubuntu distribution kernels or self-compiled). Xen-testing patched 2.6.16.13 is the latest I could find that was not affected (I don't have any boxes with kernels between this and 2.6.17, unfortunately). Vanilla 2.6.15.4 is also fine. Plain old init on 2.6.17 is fine too. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Nem iszom tobbet. De kevesebbet sem. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#80633: joe: When running inside a screen(1), cursor often placed in wrong column
On Mon, Sep 25, 2006 at 06:04:40PM +0200, Josip Rodin wrote: On Thu, Dec 28, 2000 at 12:51:24AM +0100, Josip Rodin wrote: apparently the screen process needs to be running for some time before the bug manifests itself; what happens is that the cursor is sometimes, seemingly at random, placed at column 1-8; a couple of characters I type appear there, and then, as I continue typing, everything returns to normal (except that most tabs appear to be displayed as a simple space and those few characters stay at the beginning of the line until I hit ctrl-r). I think I've seen this one myself... but it's just screen corruption, the data is written correctly, right? Can you reproduce this bug with joe 3.x? I couldn't ever reproduce it as such - it just happened occasionally. I'm no longer sure (it was six years ago, after all) if it's the same issue, but in the meantime I've found that enabling 'meta as-is' causes display corruption if the file contains 'weird' non-printable characters. While this is arguably a feature (after all, I asked for those characters to be displayed), the problem is that this seems to be the only way to see accented international characters too. So fixing this would involve displaying printable characters but suppressing (or escaping) nonprintable ones, like vim does. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A yer ago I kudnt spel progremr now I are won. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#401547: tryto -n1 often reports that child crashed even if it didn't
\0\3\0\1\0\0\0\20Z\1\0004\0\0\0D\304\21\0\0\0\0\0004\0 \0\n\0(\0=\0[EMAIL PROTECTED]@\1\0\0\5\0\0\0\4\0\0\0\3\0\0\0\200\10\21\0\200\10\21\0\200\10\21\0\23\0\0\0\23\0\0\0\4\0\0\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0005\200\21\0005\200\21\0\5\0\0\0\0\20\0\0\1\0\0\0\300\217\21\0\300\237\21\0\300\237\21\0\274)\0\0\274U\0\0\6\0\0..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1166796, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fa3000 mmap2(NULL, 1176956, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e83000 mmap2(0xb7f9c000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x118) = 0xb7f9c000 mmap2(0xb7fa, 9596, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7fa close(3)= 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e82000 set_thread_area({entry_number:-1 - 6, base_addr:0xb7e826b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0xb7f9c000, 8192, PROT_READ) = 0 munmap(0xb7fa4000, 62219) = 0 open(/usr/lib/locale/locale-archive, O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) brk(0) = 0x804c000 brk(0x806d000) = 0x806d000 open(/usr/share/locale/locale.alias, O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=2586, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fb3000 read(3, # Locale name alias data base.\n# Copyright (C) 1996-2001,2003 Free Software Foundation, Inc.\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU Ge..., 4096) = 2586 read(3, , 4096) = 0 close(3)= 0 munmap(0xb7fb3000, 4096)= 0 open(/usr/lib/locale/hu_HU/LC_CTYPE, O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=207996, ...}) = 0 mmap2(NULL, 207996, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7e4f000 close(3)= 0 close(1)= 0 exit_group(0) = ? Best regards, Andras -- System Information: Versions of packages socklog depends on: ii adduser3.77 Add and remove users and groups ii libc6 2.4-1ubuntu12 GNU C Library: Shared libraries Versions of packages socklog recommends: ii ipsvd 0.12.1-1 Internet protocol service daemons ii runit 1.5.1-1a UNIX init scheme with service su pn socklog-run none (no description available) -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: It begins when you sink into his arms, and it ends with your arms in his sink. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#498020: Some upstream files not shipped; breaks script engine
Package: nmap Version: 4.68-1 Severity: normal Hi, the Debian nmap package fails to include the following files: /usr/share/nmap/nselib/comm.lua /usr/share/nmap/nselib/datafiles.lua /usr/share/nmap/nselib/http.lua /usr/share/nmap/nselib/tab.lua /usr/share/nmap/scripts/MySQLinfo.nse /usr/share/nmap/scripts/UPnP-info.nse /usr/share/nmap/scripts/rpcinfo.nse I think the fix is as simple as adding these to nmap.files. Without the above files, nmap's script engine breaks, complaining that rpcinfo.nse is not a file, like this: SCRIPT ENGINE: Initiating script scanning. SCRIPT ENGINE: rpcinfo.nse is not a file. SCRIPT ENGINE: Aborting script scan. Reproduce by doing nmap -A -O -v scanme.nmap.org. Best regards, Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22.19-arcadia-grsec2.1.11-vs2.2.0.7 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Shell: /bin/sh linked to /bin/bash Versions of packages nmap depends on: ii libc6 2.7-11 GNU C Library: Shared libraries ii libgcc1 1:4.3.1-3 GCC support library ii libpcap0.80.9.8-3system interface for user-level pa ii libpcre3 7.6-2 Perl 5 Compatible Regular Expressi ii libssl0.9.8 0.9.8g-10 SSL shared libraries ii libstdc++64.3.1-3The GNU Standard C++ Library v3 nmap recommends no packages. -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Those who do not understand Unix are condemned to reinvent it, poorly. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#305917: Please include attached plugin for nut
Hi, it's been more than two years; any news? :) I just noticed that the script contains some bashisms, so the first line should read #!/bin/bash instead of #!/bin/sh. Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: To be or to not be, that is the split infinitive. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#149897: The bug you reported about ip route ... equalize ...
On Sat, Dec 29, 2007 at 03:15:08PM +0100, Andreas Henriksson wrote: Hi, Very good to hear this has resolved itself. The only thing that remains is the false statement in the documentation about having to patch the kernel. Lets treat this report as a bug against the documentation from now on. I'll try to dig some and see if I can find it which kernel version the support first appeared. It seems like the required patch[1] which implements the feature is only available for 2.4.18. As far as I can tell it only /looks/ like it works with current kernels, because the kernel has the RTM_F_EQUALIZE flag (but no actual implementation). The flag has been there since atleast 2.4.0. man 7 rtnetlink says: RTM_F_EQUALIZE a multicast equalizer (not yet implemented) This at least should be multipath, not multicast. So. Updating the documentation to state the fact that the required kernel patch doesn't exist (for kernels supported by Debian) doesn't seem very useful. Oh, I think it would be useful. Maybe add a note to README.Debian to the tune of This version of iproute supports multipath route equalization, but as of 2007-12-30 no kernel implements it. Routes that rely on the 'equalize' keyword will not work as expected. See http://www.ussg.iu.edu/hypermail/linux/kernel/0203.2/1314.html and e.g. http://www.mail-archive.com/[EMAIL PROTECTED]/msg10038.html for more information. Possibly the support for equalize in iproute should be dropped completely since it's never been part of any official kernel release, and since it hasn't been solved in all these years noone will probably ever implement this. I'll ask upstream I don't know. I see the current situation as being halfway there; adding the required support to the kernel would be a step forward, while also removing it from iproute would be a step backward. Also, removing equalize support from iproute may break scripts that use it, so that e.g. after a reboot, a box would be unable to set its routing up and become unreachable. Not good. Even if 'equalize' doesn't do what's expected, it at least works to the extent that the routes are created. The most I think could be done is make ip(8) print a warning when equalize is used. This will, however, still annoy a lot of people because it'll cause normally silent scripts to suddenly spew warnings. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: The Moon is covered with the results of astronomical odds. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301361: Move processing from apt_all plugin to apt-get update cronjob
Package: munin-node Version: 1.2.2-2 Severity: normal Hi, The processing done by the apt_all plugin can be rather expensive if there are many packages installed and/or many sources in sources.list. On one of my systems the plugin even times out sometimes. Since the results it obtains will always be the same anyway until apt-get update is run again, why not move the processing there? Either write a file into /var/cache with the output of the plugin from the apt-get update cronjob; or maybe there is a mechanism to have apt invoke a program after apt-get update, so the plugin output would also be updated on manual apt-get updates. The plugin itself would just need to cat the file from /var/cache. Considering that the plugin gets run every five minutes or so, the savings could be significant. I file this report with a severity of 'normal' instead of 'wishlist' because due to the timeout the plugin sometimes actually fails. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8.1-ak1-chardonnay Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages munin-node depends on: ii libnet-server-perl0.87-2 An extensible, general perl server ii perl 5.8.4-5Larry Wall's Practical Extraction ii procps1:3.2.5-1 /proc file system utilities -- no debconf information Best regards, -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A road map always tells you everything except how to refold it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#299589: per-plugin group directive apparently ignored
Package: munin-node Version: 1.2.2-2 Severity: normal Hi, I have a /etc/munin/plugin-conf.d/entropy file which reads: [entropy] user root group proc Originally it just had group proc, because: dr-xr-x--- 11 root proc 0 Mar 15 09:10 /proc/sys (/proc/sys is only accessible to root and to group proc on my ststem). I recently noticed that this no longer worked; the entropy plugin couldn't read the entropy_avail file. I added an 'id' command to the plugin, and noticed the following: # telnet localhost 4949 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. # munin node at name-of-box fetch entropy #uid=0(root) gid=183(munin) groups=183(munin) entropy.value 16814 . Note how it is not a member of the proc group. The situation is the same if I remove user root (obviously it runs as a different uid then, but still no group proc). Naturally, a large number of other plugins are affected as well. This used to work before and got broken recently. Alas, I can't say exactly when. Andras -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages munin-node depends on: ii libnet-server-perl0.87-2 An extensible, general perl server ii perl 5.8.4-5Larry Wall's Practical Extraction ii procps1:3.2.5-1 /proc file system utilities -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Computer Lie #1: You'll never use all that disk space. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#305917: Oversights and fixes
A slight oversight: @@ -23,7 +23,7 @@ | tr -d '][' \ | while read ups; do for i in voltages freq charge current; do - echo ${ups}_${i} + echo [EMAIL PROTECTED] done done fi Also, munin-node shouldn't skip plugins whose names contain the @ character. As you can see, there is a perfectly legitimate use for it. :) Until this is done, the above patch should not be applied to the ups_ plugin; instead, the following two lines should be added after UPS is assigned: # Fixup until munin-node no longer skips plugins with @s echo $UPS | fgrep -q '@' || [EMAIL PROTECTED] While looking at that part of the code of munin-node, I found what I believe to be a bug. Line 328 of munin-node reads: warn Something wicked happened while reading \$servicedir/$file\. Check the previous log lines for spesifics.; That $servicedir should be $sconfdir, I think. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Laughing stock: cattle with a sense of humour. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#297173: Please support name-based virtualhosting (yes, I know it's impossible)
Package: openssh Severity: wishlist Hi, it'd be useful if ssh did name-based virtualhosting, for example if you provide services on top of ssh where it's irrelevant what physical box the service resides on: e.g. subversion. If name-based virtualhosting were supported, it would be possible to move a repository from one physical host to the other, change DNS, and the clients would transparently begin using the new server. This is currently impossible without also changing the host key of the new host to be the same as the old one (otherwise the clients report that the host key changed). Changing the host key of the new server may, however, have adverse side effects if the server isn't really new, just the new home of the repository. What I propose is to have one host key per 'virtualhost', and possibly also per-virtualhost config settings (e.g. command=svnserve -t for an entire virtualhost). Obviously the client would have to tell the server what virtualhost it wanted to connect to before keys are exchanged. I realize this is difficult to do and requires major changes to the code and the protocol. Feel free to add a wontfix tag; I just wanted to publicize this idea in the hope someone will like it enough to surmount the difficulties. Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: If debugging is removing bugs, then programming must be putting them in. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#375433: patch to support custom commands in sv
tags 375433 patch thanks Hi, Allied-Visions GmbH developed a patch to support custom commands (such as reload) in sv's initscript emulation. This required some changes in the way sv handles commands. You can now have /service/foo/custom/reload, and sv reload foo will execute that. This makes it possible to finally seamlessly support e.g. Debian package upgrades where the original initscript has been replaced by a symlink pointing to sv. Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: cat dad*.dna mom*.dna baby.out Index: sv.c === --- sv.c (revision 144) +++ sv.c (revision 146) @@ -29,6 +29,9 @@ #define TIMEOUT timeout: #define KILLkill: +char custom_command_[64]; +char *custom_command = custom_command_+7; + char *progname; char *action; char *acts; @@ -204,6 +207,43 @@ return(!wait_exitcode(w)); } +int execute_custom_command() +{ + char *prog[2]; + int pid, w; + + if ((pid =fork()) == -1) { +outs2(WARN); outs2(unable to fork for ); outs2(*service); +outs2(custom_command); outs2(error_str(errno)); flush2(\n); +return(0); + } + if (!pid) { +/* Probably faster than a for cycle for 9 bytes) */ +custom_command_[0] = 'c'; +custom_command_[1] = 'u'; +custom_command_[2] = 's'; +custom_command_[3] = 't'; +custom_command_[4] = 'o'; +custom_command_[5] = 'm'; +custom_command_[6] = '/'; +prog[0] =custom_command_; +prog[1] =0; +close(1); +execve(custom_command_, prog, environ); +outs2(WARN); outs2(unable to run ); outs2(*service); outs2(/);outs2(custom_command_);outs2(: ); +outs2(error_str(errno)); flush2(\n); +_exit(0); + } + while (wait_pid(w, pid) == -1) { +if (errno == error_intr) continue; +outs2(WARN); outs2(unable to wait for child ); outs2(*service); +outs2(/);outs2(custom_command_);outs2(: );outs2(error_str(errno)); flush2(\n); +return(0); + } + return(!wait_exitcode(w)); + +} + int check(char *a) { unsigned int pid; @@ -216,6 +256,9 @@ pid =8; pid +=(unsigned char)svstatus[12]; switch (*a) { case 'x': return(0); +case '0': + execute_custom_command(); + break; case 'u': if (!pid || svstatus[19] != 1) return(0); if (!checkscript()) return(0); @@ -261,9 +304,62 @@ return(1); } +typedef enum { + argf_kll = 1, /* Set kll to 1 */ + argf_act0 = 2, /* Set act to 0 */ + argf_acts = 4, /* Set act to status */ +} arg_flag_t; + +typedef struct { + char *name; + char *acts; + void *cbk; + arg_flag_t flags; +} arg_t ; + +/* Built in arguments - what is not listed here is taken as custom */ +arg_t arguments[] = { +/* Argument acts cbkflags */ + {exit, x, NULL, 0}, + {x, x, NULL, 0}, + {Exit, x, check, argf_kll}, + {X, x, check, argf_kll}, + {D, d, check, argf_kll}, + {T, tc, check, argf_kll}, + {c, C, check, argf_act0}, + {check, C, check, argf_act0}, + {tc, tc, NULL, 0}, + {tcu,tcu, NULL, 0}, + {down, d, NULL, 0}, + {once, o, NULL, 0}, + {up, u, NULL, 0}, + {pause, p, NULL, 0}, + {cont, c, NULL, 0}, + {hup,h, NULL, 0}, + {alarm, a, NULL, 0}, + {interrupt, i, NULL, 0}, + {quit, q, NULL, 0}, + {term, t, NULL, 0}, + {kill, k, NULL, 0}, + {1, 1, NULL, 0}, + {2, 2, NULL, 0}, + {shutdown, x, check, 0}, + {start, u, check, 0}, + {stop, d, check, 0}, + {status, s, NULL, argf_acts}, + {s, s, check, argf_acts}, + {restart,tcu, check, 0}, + {force-reload, tc, check, argf_kll}, + {force-restart, tcu, check, argf_kll}, + {force-shutdown, x, check, argf_kll}, + {force-stop, d, check, argf_kll}, + {NULL, NULL, NULL, 0} /* terminator record */ +} ; + int main(int argc, char **argv) { unsigned int i, done; char *x; + arg_t *arg; progname =*argv; for (i =str_len(*argv); i; --i) if ((*argv)[i -1] == '/') break; @@ -293,42 +389,34 @@ act =control; acts =s; if (verbose) cbk =check; - switch (*action) { - case 'x': case 'e': -acts =x; break; - case 'X': case 'E': -acts =x; kll =1; cbk =check; break; - case 'D': -acts =d; kll =1; cbk =check; break; - case 'T': -acts =tc; kll =1; cbk =check; break; - case 'c': -if (!str_diff(action, check)) { act =0; acts =C; cbk =check; break; } - case 'u': case 'd': case 'o': case 't': case 'p': case 'h': - case 'a': case 'i': case 'k': case 'q': case '1': case '2': -action[1] =0; acts =action; break; - case 's
Bug#447020: ipsvd: please support CIDR-based configuration directories and hierarchical DNS based configuration
Package: ipsvd Version: 0.13.0-1 Severity: wishlist Tags: patch Hi, the flat directory configuration scheme for ipsvd doesn't scale well for large subnets that are not class A, B or C; for example, a /25 network would need 128 configuration files. Allied-Visions GmbH developed a patch to support CIDR-based configuration (attached). This patch also adds support for configfile expiry on filesystems mounted with noatime; a new switch, -T, causes {tcp,udp}svd to touch (hence the T) the files it accesses, keeping the atime updated. Configuration now works as follows: - the configfile for 1.2.3.0/24 would be the file called 24 in the directory called 1.2.3.0 - if you want separate configuration for the IP 1.2.3.0, call the file 1.2.3.0/32 - if we don't have permission to read a dir, then we assume we don't have permission to read the files in it either and act accordingly To further increase scalability in large configurations, hierarchical processing of domain names is now possible: the configuration in foo/bar applies to all clients under the domain .bar.foo. This patch hasn't received thorough testing yet, but it appears to work. We'll test it further and post new versions of the patch here if necessary; this submission is in the spirit of 'release early, release often'. :) Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Hogy en ambivalens??? Talan igen, talan nem... Index: CIDR_test/test.c === --- CIDR_test/test.c (.../ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 0) +++ CIDR_test/test.c (.../floss/ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 147) @@ -0,0 +1,19 @@ +#include stdio.h +#include ../CIDR.h +int main() +{ + unsigned char ip_num[4]; + char *ip = 123.4.31.01; + char result[32]; + int n; + + printf(res=%d\n, ip2num(ip, ip_num)); + printf(%u.%u.%u.%u\n, ip_num[0], ip_num[1], ip_num[2], ip_num[3]); + + *result = '\0'; + for(n=32; n0; n--) { + num2CIDR(ip_num, result, n); + printf(%2d=%s\n, n, result); + } + return 0; +} Index: CIDR_test/Makefile === --- CIDR_test/Makefile (.../ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 0) +++ CIDR_test/Makefile (.../floss/ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 147) @@ -0,0 +1,9 @@ +CFLAGS = -Wall -g +test: test.o ../CIDR.o + +test.o: test.c + +../CIDR.o: ../CIDR.c + +clean: + rm test.o test Index: udpsvd.c === --- udpsvd.c (.../ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 73) +++ udpsvd.c (.../floss/ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 147) @@ -170,8 +170,9 @@ progname =*argv; - while ((opt =getopt(argc, argv, vu:l:hpi:x:t:V)) != opteof) { + while ((opt =getopt(argc, argv, Tvu:l:hpi:x:t:V)) != opteof) { switch(opt) { + case 'T': check_touch_configs = 1; break; case 'v': ++verbose; break; Index: tcpsvd.c === --- tcpsvd.c (.../ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 73) +++ tcpsvd.c (.../floss/ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 147) @@ -271,12 +271,13 @@ #ifdef SSLSVD while ((opt =getopt(argc, (const char **)argv, - c:C:i:x:u:l:Eb:hpt:vVU:/:Z:K:)) != opteof) { + Tc:C:i:x:u:l:Eb:hpt:vVU:/:Z:K:)) != opteof) { #else while ((opt =getopt(argc, (const char **)argv, - c:C:i:x:u:l:Eb:hpt:vV)) != opteof) { + Tc:C:i:x:u:l:Eb:hpt:vV)) != opteof) { #endif switch(opt) { + case 'T': check_touch_configs = 1; break; case 'c': scan_ulong(optarg, cmax); if (cmax 1) usage(); break; case 'C': delim =scan_ulong(optarg, phccmax); Index: ipsvd_check.c === --- ipsvd_check.c (.../ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 73) +++ ipsvd_check.c (.../floss/ipsvd/ipsvd-0.13.0/net/ipsvd-0.13.0/src) (revision 147) @@ -2,6 +2,7 @@ #include sys/stat.h #include unistd.h #include time.h +#include utime.h #include ipsvd_check.h #include ipsvd_log.h #include ipsvd_fmt.h @@ -17,7 +18,11 @@ #include pathexec.h #include dns.h #include ip4.h +#include alloc.h +#include CIDR.h +int check_touch_configs = 0; + extern const char *progname; static stralloc sa ={0}; static stralloc ips ={0}; @@ -118,12 +123,28 @@ return(rc); } +void touch(const char *file_name, time_t atime) +{ + struct utimbuf ut; + + if (atime == 0) + atime = time(NULL); + + ut.actime = atime; + ut.modtime = atime; + + utime(file_name, ut); +} + int ipsvd_check_direntry(stralloc *d, stralloc *m, char *ip, time_t now, unsigned long t, int *rc) { int i; struct stat s; if (stat(m-s, s) != -1) { + /* Do not consider
Bug#441316: sv once ineffective if 'finish' exists and is executable
Package: runit Version: 1.7.2-1 Severity: normal Hi, if ./finish exists and is executable, runsv will execute it and then restart the service even if it was in the 'sv once' state. Andras -- System Information: Debian Release: 4.0 Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.20.13-vs2.2.0-chardonnay Locale: LANG=POSIX, LC_CTYPE=hu_HU (charmap=ISO-8859-2) runit depends on no packages. Versions of packages runit recommends: pn fgettynone (no description available) -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A printer consists of a case, a jammed paper tray and a blinking red light. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#441316: sv once ineffective if 'finish' exists and is executable
On Mon, Sep 10, 2007 at 12:27:39PM +, Gerrit Pape wrote: Hi, if ./finish exists and is executable, runsv will execute it and then restart the service even if it was in the 'sv once' state. Hmm, it doesn't fail for me [...] Can you post the exact commands to reproduce the issue? Yes, will do. Very busy today, so probably tomorrow. Thanks Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Santa's business model: 1. make toys. 2. give them away. 3. ??? 4. profit. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#441316: sv once ineffective if 'finish' exists and is executable
On Mon, Sep 10, 2007 at 12:27:39PM +, Gerrit Pape wrote: Hi, if ./finish exists and is executable, runsv will execute it and then restart the service even if it was in the 'sv once' state. Hmm, it doesn't fail for me You're right. It was my fault, but the scenario is, I think, instructive. :) I have two services that depend on each other: x depends on y. Hence, x/run does sv start y || exit 1, whereas y/finish stops x. So far, so good. However, x doesn't deal well with the TERM signal and only exits cleanly on a SIGUSR1. I now realize the clean way would have been to write an x/control/t script; instead, I had sv once x (to avoid restarting x when it exited), followed by sv 1 x and sv force-stop x. This had the effect of _starting_ x if it was down already (with sv once), which brought y up again. Wouldn't it be useful to have an 'sv once' style command that doesn't start the service, merely causes it not to be restarted when it exits, provided it is running? Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Money isn't everything... but it's not a bad start. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385292: Please include -P option as in Ubuntu
Hi, I attach the ubuntu patches against klogd.c and klogd.8 for your reference. Also included is the ubuntu klogd initscript. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Growing old is mandatory, growing up is optional! --- sysklogd-1.4.1.orig/klogd.c +++ sysklogd-1.4.1/klogd.c @@ -20,6 +20,13 @@ */ /* + * Thu Nov 25 16:48:39 CET 2004: Martin Pitt + * Added option -P to give alternative location of /proc/kmsg (- for + * stdin). This allows to run klogd entirely without root privileges. + * + * Added support for macro PIDFILE_DIR which is used as pid file directory + * instead of _PATH_VARRUN. + * * Steve Lord ([EMAIL PROTECTED]) 7th Nov 92 * * Modified to check for kernel info by Dr. G.W. Wettstein 02/17/93. @@ -279,7 +286,9 @@ #define LOG_LINE_LENGTH 1000 #ifndef TESTING -#if defined(FSSTND) +#if defined(PIDFILE_DIR) +static char*PidFile = PIDFILE_DIR klogd.pid; +#elif defined(FSSTND) static char*PidFile = _PATH_VARRUN klogd.pid; #else static char*PidFile = /etc/klogd.pid; @@ -303,6 +312,8 @@ static FILE *output_file = (FILE *) 0; +static char *kmsg_file = NULL; /* NULL means default /proc/kmsg */ + static enum LOGSRC {none, proc, kernel} logsrc; int debugging = 0; @@ -524,6 +535,22 @@ ksyslog(6, NULL, 0); } +/* Do we read kernel messages from a pipe? */ +if ( kmsg_file ) { +if ( !strcmp(kmsg_file, -) ) +kmsg = fileno(stdin); +else { +if ( (kmsg = open(kmsg_file, O_RDONLY)) 0 ) +{ +fprintf(stderr, klogd: Cannot open kmsg file, \ +%d - %s.\n, errno, strerror(errno)); +ksyslog(7, NULL, 0); +exit(1); +} +} +return proc; +} + /* * First do a stat to determine whether or not the proc based * file system is available to get kernel messages from. @@ -994,7 +1021,7 @@ chdir (/); #endif /* Parse the command-line. */ - while ((ch = getopt(argc, argv, c:df:iIk:nopsvx2)) != EOF) + while ((ch = getopt(argc, argv, c:df:iIk:nopP:svx2)) != EOF) switch((char)ch) { case '2': /* Print lines with symbols twice. */ @@ -1028,6 +1055,9 @@ case 'p': SetParanoiaLevel(1);/* Load symbols on oops. */ break; +case 'P': /* Alternative kmsg file path */ +kmsg_file = strdup(optarg); +break; case 's': /* Use syscall interface. */ use_syscall = 1; break; @@ -1039,7 +1069,6 @@ break; } - /* Set console logging level. */ if ( log_level != (char *) 0 ) { --- sysklogd-1.4.1.orig/klogd.8 +++ sysklogd-1.4.1/klogd.8 @@ -21,6 +21,9 @@ .RB [ \-n ] .RB [ \-o ] .RB [ \-p ] +.RB [ \-P +.I path +] .RB [ \-s ] .RB [ \-k .I fname @@ -58,18 +61,23 @@ is started and controlled by .BR init (8). .TP -.B -o +.B \-o Execute in 'one\-shot' mode. This causes \fBklogd\fP to read and log all the messages that are found in the kernel message buffers. After a single read and log cycle the daemon exits. .TP -.B -p +.B \-p Enable paranoia. This option controls when klogd loads kernel module symbol information. Setting this switch causes klogd to load the kernel module symbol information whenever an Oops string is detected in the kernel message stream. .TP -.B -s +.BI \-P path +Use \fIpath\fR instead of /proc/kmsg as the source of the kernel message. +Specify - to read from standard input. This allows klogd to run entirely +without root privileges. +.TP +.B \-s Force \fBklogd\fP to use the system call interface to the kernel message buffers. .TP @@ -100,10 +108,15 @@ .I /proc file system and the syscall (sys_syslog) interface, although ultimately they are one and the same. Klogd is designed to choose -whichever source of information is the most appropriate. It does this -by first checking for the presence of a mounted +whichever source of information is the most appropriate. If the +.B \-P +switch is used, +.B klogd +opens the specified path as the source of kernel log information. Otherwise +.B klogd +checks for the presence of a mounted .I /proc -file system. If this is found the +file system and if this is found the .I /proc/kmsg file is used as the source of kernel log information. If the proc file system is not mounted @@ -321,7 +334,7 @@ .B klogd to reload the module symbol information
Bug#253588: this bug / #253588: tcp(7) contains incorrect/biased information about syncookies
On Mon, Jan 08, 2007 at 03:19:47PM +0100, Andi Kleen wrote: Hi, Since you wrote much of the text of tcp.7, I thought it might be best to consult you. Would you be willing to take a look at the patch proposed here, and comment? For the full thread, see: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=253588 I don't think such a detailed discussion fits into the manpage. It drowns the other information and doesn't fit. If you want to change anything just say that syncookies are deprecated and shouldn't be used anymore. It's been two weeks and no actual arguments were voiced for or against my proposed patch. tcp.7 contains bad FUD about syncookies, which is a disgrace. Nothing shipped by Debian should contain FUD. See the wikipedia article at http://en.wikipedia.org/wiki/Syncookies which also says that 'The use of SYN Cookies does not break any protocol specifications, and therefore should be compatible with all TCP implementations.' This is actually a well-known fact in the security community, which makes the presence of the FUD in tcp.7 all the more appalling. If you have any more technical concerns, I can refer you to peer-reviewed papers that deal with anti-synflood mechanisms. You won't find any that support the view that '[syncookies are] a violation of the TCP protocol.' No arguments have been brought forth to support this view in this thread either. Please, remove the FUD. I'd be happy to help, so if you don't like my proposed text, tell me how it should be different (e.g. shorter); but let's not wait another three years, shall we? Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: My software never has bugs. It just develops random features. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#253588: this bug / #253588: tcp(7) contains incorrect/biased information about syncookies
On Thu, Jan 25, 2007 at 09:20:55AM +1100, Andi Kleen wrote: tcp.7 contains bad FUD about syncookies, I don't see any FUD in there tcp_syncookies (Boolean) Enable TCP syncookies. The kernel must be compiled with CON- FIG_SYN_COOKIES. Send out syncookies when the syn backlog queue of a socket overflows. The syncookies feature attempts to pro- tect a socket from a SYN flood attack. This should be used as a last resort, if at all. This is a violation of the TCP proto- col, and conflicts with other areas of TCP such as TCP exten- sions. It can cause problems for clients and relays. It is not ~ recommended as a tuning mechanism for heavily loaded servers to help with overloaded or misconfigured conditions. For recom- mended alternatives see tcp_max_syn_backlog, tcp_synack_retries, and tcp_abort_on_overflow. I underlined the FUD. Summary of facts: - syncookies are a particular choice of initial sequence number. A host is allowed to choose its inital sequence number. No violation there. - as for the conflict: indeed, a connection saved by syncookies cannot use large windows. But the connection would have been lost without syncookies, because the backlog has to be full for syncookies to be used. So effectively, you are saying that while syncookies 'conflict with TCP extensions', dropping the connection attempts does not. - because initial sequence numbers are arbitrary, a particular choice of sequence number cannot cause problems for clients or relays, because they can't assume anything about the ISN anyway. - actually, there is no other working mechanism in the Linux kernel that would allow a host to weather a syn flood while still being able to provide TCP service on the attacked ports. (I guess you could come up with something very complicated using tc, but that would still drop legitimate connections from the same subnet as the attack.) Therefore, the best advice is in fact to _enable_ syncookies unless the server has asymmetric bandwidth, with upstream being much less than downstream. But I'd be interested in hearing your arguments. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Sure you can trust the government. Just ask the Indians. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#253588: this bug / #253588: tcp(7) contains incorrect/biased information about syncookies
On Thu, Jan 25, 2007 at 09:20:55AM +1100, Andi Kleen wrote: tcp.7 contains bad FUD about syncookies, I don't see any FUD in there Hey, you actually _wrote_ much of the Linux syncookie implementation. Now I'm really interested in knowing why you changed your mind about them. And the manpage should definitely include your arguments, if they are valid, which I still doubt. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Minel tobb emberrel talalkozom, annal jobban szeretem a kutyamat. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#287369: closed by Sven Arvidsson [EMAIL PROTECTED] (Close 287369)
On Thu, Apr 26, 2007 at 08:45:12PM +, Debian Bug Tracking System wrote: Hi, I'm closing this bug as there have been no activity, or no response to followup questions, and new releases of the package in question which likely has fixed this bug or made it obsolete. Sorry, I didn't receive your followup from 2005. I'm not currently in a position to test this behaviour with a new version of nautilus, but I can at least attach a test file. I'll try to remember and see what nautilus does with it. Just give me a few days. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Learn bomb disposal at home. Send 29.95 to... ˙ţ T h i s i s a t e x t f i l e c r e a t e d w i t h M i c r o s o f t Ž W o r d ! a n d s a v e d a s U n i c o d e T e x t . B l a B l a B l a L e t s a d d a f e w i n t e r n a t i o n a l c h a r a c t e r s f o r g o o d m e a s u r e : Ö t s z é p s z qz l á n y Qr ü l t í r ó t n y ú z . V o i x a m b i g u ë d ' u n c o e u r q u i a u z é p h y r p r é f č r e l e s j a t t e s d e k i w i s . E l v e l o z m u r c i é l a g o h i n d ú c o m í a f e l i z c a r d i l l o y k i w i . L a c i g ü e ń a t o c a b a e l s a x o f ó n d e t r á s d e l p a l e n q u e d e p a j a . P i j a m a l 1 h a s t a , y a 1z _o f ö r e ç a b u c a k g ü v e n d i . '5H[5 FR5Z5 [EMAIL PROTECTED] _0: ?1YH020 [EMAIL PROTECTED];870F8XC 35=A:8E [EMAIL PROTECTED] !J5HL 5IQ MB8E O3:8E [EMAIL PROTECTED]:8E 1C;:, 40 2K?59 65 G0N. P Yí l i a ~l u eo u k ý k oH ú p l á b e l s k é ó d y . K Ud e aea s t n ý c h a t o v u í p r i ú s t í V á h u m :k v e h o k o Ha ~r a e k ô r u a e r s t v é m ä s o .
Bug#287369: closed by Sven Arvidsson [EMAIL PROTECTED] (Close 287369)
On Fri, Apr 27, 2007 at 12:09:11AM +0200, Sven Arvidsson wrote: On Thu, 2007-04-26 at 23:21 +0200, Andras Korn wrote: Sorry, I didn't receive your followup from 2005. I'm not currently in a position to test this behaviour with a new version of nautilus, but I can at least attach a test file. I'll try to remember and see what nautilus does with it. Just give me a few days. Sure, a test file would be great. OK, I can confirm the bug is gone in nautilus 2.16.0-0ubuntu3. Not sure when it disappeared. Thanks Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Hardware: The part you kick. Software: this you corrupt!
Bug#432265: Uses more than double amount of memory on 64bit
Package: amavisd-new Version: 1:2.4.2-6.1 Severity: normal Hi, I just noticed that two almost identical amavisd-new installations had wildly different memory usages. The only difference is that one system is i386, whereas the other amd64. On i386, top reports: VIRT RES SHR CODE DATA SWAP nFLT %MEM TIME+ COMMAND 58660 52m 5176 1024 46m 47009 5.3 0:01.94 amavisd (master) 59428 49m 1468 1024 46m 91760 4.9 0:00.00 amavisd (virgin child) 59428 49m 1440 1024 46m 92040 4.9 0:00.01 amavisd (virgin child) 59428 49m 1464 1024 46m 91800 4.9 0:00.01 amavisd (virgin child) Whereas on amd64: VIRT RES SHR CODE DATA SWAP nFLT %MEM TIME+ COMMAND 164m 95m 9016 12 83m 68m 12 9.5 0:02.93 amavisd (master) 165m 88m 1408 12 83m 77m0 8.8 0:00.01 amavisd (virgin child) 165m 88m 1400 12 83m 77m0 8.8 0:00.01 amavisd (virgin child) 165m 88m 1372 12 83m 77m0 8.8 0:00.01 amavisd (virgin child) Both were started a few minutes ago, so the difference isn't caused by the 64bit version having been running for a long time. I'm having a hard time accepting this difference as normal. Maybe this is a bug in perl? i386: This is perl, v5.8.8 built for i486-linux-gnu-thread-multi amd64: This is perl, v5.8.8 built for x86_64-linux-gnu-thread-multi Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: The future has been cancelled owing to lack of interest. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#430951: Please support linux-vserver
Package: runit Version: 1.7.2-1 Severity: wishlist Hi, it would be great to be able to use runit to supervise processes running in vserver guests. Using a kludge, this is already sort of possible; see http://linux-vserver.org/Running_runit-supervised_services_inside_a_vserver Essentially, the only addition needed is to do something like xid_t xid = vc_get_task_xid(child); vc_ctx_kill(xid, child, signal); instead of just kill(), provided vserver support is enabled in runit and the kernel. See http://people.linux-vserver.org/~dhozac/t/signal-relay.c which is the kludge program to enable runit to control processes in vserver guests. I guess this support needs to be a compile-time option to avoid creating unnecessary dependencies. Thanks Andras -- System Information: Debian Release: 4.0 APT prefers feisty-updates APT policy: (1200, 'feisty-updates'), (1200, 'feisty-security'), (1200, 'feisty-backports'), (1200, 'feisty'), (100, 'experimental'), (100, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.20.13-vs2.2.0-chardonnay Locale: LANG=, LC_CTYPE=hu_HU (charmap=ISO-8859-2) runit depends on no packages. Versions of packages runit recommends: pn fgettynone (no description available) -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A stitch in time would have confused Einstein. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#431069: Unnecessary dependency on patch
Package: cupsys Version: 1.2.7-2 Severity: normal Hi, cupsys depends on patch but doesn't appear to use it. dlocate -L cupsys | xargs zfgrep patch only returns hits from the documentation. Maybe the dependency isn't needed? Andras -- System Information: ... Versions of packages cupsys depends on: ... ii patch 2.5.9-4 Apply a diff file to an original ... -- debconf information excluded -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Beauty is just a light switch away... 'click!' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#419003: 64bit issues
exit(1 unfinished ... SYS_exit_group(1 unfinished ... +++ exited (status 1) +++ uname -a: Linux cador 2.6.15-1-amd64-generic #2 Tue Mar 7 06:24:40 UTC 2006 x86_64 GNU/Linux -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (1200, 'unstable'), (500, 'feisty') Architecture: amd64 (x86_64) Kernel: Linux 2.6.19.2-vs2.2.0-rc8.7-hellgate (PREEMPT) Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Shell: /bin/sh linked to /bin/bash Versions of packages sing depends on: ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy ii libc6 2.5-0ubuntu9 GNU C Library: Shared libraries ii libnet0 1.0.2a-7 library for the construction and h ii libpcap0.8 0.9.5-1 System interface for user-level pa sing recommends no packages. -- debconf information excluded Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Mind Like A Steel Trap - Rusty And Illegal In 37 States. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#324524: Copyright text not embedded in small images that don't need resizing
Package: libapache-gallery-perl Version: 0.99-svn050524-1 Severity: normal Hi, if an image is smaller than the minimum selectable resolution specified in the configuration, that is, A::G doesn't need to resize it, the copyright image isn't superimposed on it; effectively, the user gets to see the original, even if originals are otherwise not served. Example: http://chardonnay.math.bme.hu/~korn/gallery/Egyeb/20050820-repulok/ The second, relatively high-resolution picture has the copyright; the other, low-res (and poor quality, but that's not the point) pictures don't. Obviously there will be a point where the original image is smaller than the copyright image, but this is not it. Best regards, Andras -- System Information: Debian Release: testing/unstable APT prefers warty-updates APT policy: (500, 'warty-updates'), (500, 'warty-security'), (500, 'warty'), (500, 'oldstable'), (500, 'hoary-security'), (500, 'hoary'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7-chardonnay-skas3-v8-rc2 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages libapache-gallery-perl depends on: ii libapache-request-perl1.1-0.1Generic Apache Request Library ii libimage-imlib2-perl 1.04-1 perl interface to the imlib2 imagi ii libimage-info-perl1.16-2 allows extraction of meta informat ii libimage-size-perl2.992-1determine the size of images in se ii libtemplate-perl 2.14-1 template processing system written ii libtext-template-perl 1.44-1.1 Text::Template perl module ii perl 5.8.7-4Larry Wall's Practical Extraction libapache-gallery-perl recommends no packages. -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Discoveries are made by not following instructions. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#329146: Please add setting to the effect of don't pop up any windows other than conversation windows. ever. not even if you, like, really feel like it.
Package: gaim Version: 1:1.5.0-1 Severity: wishlist Hi, gaim currently pops up all kinds of windows whether the user wants them or not: - the buddy list is popped up when the user checks an 'online' checkbox in the account dialog - connection status notification windows are popped up when auto-reconnecting (sometimes the buddy list seems to pop up too) - connection error notifications are popped up if a connection error occurs - the away message has its own window, which negates away status if closed What's really annoying is that some of these windows even steal input focus or overlap other gaim windows the user had been working with. A good example of this is the buddy list, which tends to appear right on top of the accounts dialog so I can't log on with more than one account at a time without closing it. (Sure, I could move it away, but I'd prefer if it didn't even appear in the first place.) The connection status notification dialogs behave in a similar way, but at least they disappear on their own after a while. Some of these can/could apparently be disabled via preferences, but the settings are confusing (it's not obvious which window is which, or where to disable a certain popup - for example, what's the difference between hide disconnect errors and hide login errors in the auto-reconnect plugin settings?). I think it would be better to have all window-related settings in one place (possibly keeping them in their current location as well for the sake of people who somehow got used to them as they are). -- System Information: Debian Release: testing/unstable APT prefers warty-updates APT policy: (500, 'warty-updates'), (500, 'warty-security'), (500, 'warty'), (500, 'hoary-security'), (500, 'hoary'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7-chardonnay-skas3-v8-rc2 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages gaim depends on: ii gaim-data1:1.5.0-1 multi-protocol instant messaging c ii libao2 0.8.6-1.1 Cross Platform Audio Output Librar ii libaspell15 0.60.3-5GNU Aspell spell-checker runtime l ii libatk1.0-0 1.10.3-1The ATK accessibility toolkit ii libaudiofile00.2.6-6 Open-source version of SGI's audio ii libc62.3.5-6 GNU C Library: Shared libraries an ii libgcrypt11 1.2.1-4 LGPL Crypto library - runtime libr ii libglib2.0-0 2.8.0-1 The GLib library of C routines ii libgnutls11 1.0.16-13.1 GNU TLS library - runtime library ii libgtk2.0-0 2.8.3-1 The GTK+ graphical user interface ii libgtkspell0 2.0.10-3a spell-checking addon for GTK's T ii libice6 6.8.99.900.dfsg.1-0pre1 Inter-Client Exchange library ii libpango1.0-01.10.0-2Layout and rendering of internatio ii libsm6 6.8.99.900.dfsg.1-0pre1 X Window System Session Management ii libstartup-notif 0.8-1 library for program launch feedbac ii libx11-6 6.8.99.900.dfsg.1-0pre1 X Window System protocol client li ii libxext6 6.8.99.900.dfsg.1-0pre1 X Window System miscellaneous exte ii libxss1 6.8.99.900.dfsg.1-0pre1 X Screen Saver client-side library ii xlibs6.8.99.900.dfsg.1-0pre1 X Window System client libraries m gaim recommends no packages. -- no debconf information Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A day without sunshine is like a night. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#316360: Please update magyar.ldf
Package: tetex-base Version: 3.0-3 Severity: wishlist Tags: l10n Hi, please update /usr/share/texmf/tex/generic/babel/magyar.ldf to the new version available from http://www.math.bme.hu/~pts/cvsget.cgi/u=magyar/p=/M=lakk/c=f1/n=/lakk/texmf/tex/generic/magyar/magyar.ldf - the mathematicians tell me many things don't work correctly with the old one. I can ask them to elaborate if necessary. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I'd love to go out with you, but I have to floss my cat. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#316360: Please update magyar.ldf
On Thu, Jun 30, 2005 at 05:32:26PM +0200, Frank Küster wrote: Package: tetex-base Version: 3.0-3 Severity: wishlist Tags: l10n Hi, please update /usr/share/texmf/tex/generic/babel/magyar.ldf to the new version available from http://www.math.bme.hu/~pts/cvsget.cgi/u=magyar/p=/M=lakk/c=f1/n=/lakk/texmf/tex/generic/magyar/magyar.ldf - the mathematicians tell me many things don't work correctly with the old one. I can ask them to elaborate if necessary. Ah, interesting. What kind of repository is this, and what is the lakk module? Um, I have no idea whatsoever. Putting Peter Szabo on Cc, maybe he can clarify. teTeX is usually made from CTAN, therefore it would be best if you ask Peter Szabo to upload the file (together with magyar.dtx) to CTAN. Furthermore, he should add again the license statement that was in the earlier version. I hope that this is in fact a newer version, and not a fork -- the file in our package says that Arpad Biro and Joszef Berces own copyright from work until 2004 and doesn't mention Peter Szabo, while the file at the above link says that Peter was working on it since 2003, and Joszef stopped working in 2001. This should really be cleared up -- unfortunately I don't have an e-mail address of any of them. Regards, Frank -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Nem iszom tobbet. De kevesebbet sem. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#478966: cron.daily/standard not silent
Package: cron Version: 3.0pl1-100 Severity: normal Hi, the following part of the standard cronjob can produce an uninteresting error message: # Get a list of the (potential) ext2, ext3 and xfs l+f directories df -P --type=ext2 --type=ext3 --type=xfs | If there are no matching filesystems, this says df: no file systems processed which is neither helpful nor interesting, but results in mail being sent. I suggest 21 and grepping this particular error out, or something similar. Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22.18-vs2.2.0.6-arcadia (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Shell: /bin/sh linked to /bin/bash Versions of packages cron depends on: ii adduser 3.105 add and remove users and groups ii debianutils 2.25.2 Miscellaneous utilities specific t ii libc62.7-6 GNU C Library: Shared libraries ii libpam0g 0.99.7.1-5 Pluggable Authentication Modules l ii libselinux1 2.0.15-2+b1 SELinux shared libraries ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip Versions of packages cron recommends: ii qmail [mail-tra 1.03-43+kqmail20051105-7 Secure, reliable, efficient, simpl -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I just got my phone bill. Buy ATT stock now! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#478967: cron.daily/standard contains race condition
Package: cron Version: 3.0pl1-100 Severity: normal While looking at the script, I couldn't help noticing what I believe to be a race condition with potentially harmful conseqences. In the beginning, you have: lockfile-touch $LOCKFILE LOCKTOUCHPID=$! Then you do a number of things which can potentially take forever, and in the end you have: if [ -x /usr/bin/lockfile-create ] ; then kill $LOCKTOUCHPID lockfile-remove $LOCKFILE fi There are several things wrong with this: #1. lockfile-touch may die in the meantime (for whatever reason, OOM is one example that comes to mind). Its PID may be reused, so in the end, you may end up killing the wrong process. Also, if lockfile-touch dies, a second instance of the standard script may obtain a lock on the lockfile and execute in parallel with the previous one, and so on. #2. lockfile-create may be uninstalled while the script is being executed, so you start a lockfile-touch process in the beginning but don't kill it at the end. The process may stick around forever. Better test for [ -n $LOCKTOUCHPID ], if you must do locking this way. Regarding #1, I think it would be a far better approach to launch the script so that it itself holds a lock on the lockfile. chpst(8) from the runit package could be used for that, like this: #!/bin/sh LOCKFILE=/var/lock/cron.daily.lock [ $1 != have-lock ] || exec chpst -L $LOCKFILE $0 have-lock # rest of script This results in chpst getting a lock for $LOCKFILE and then exec()ing the daily standard script again, with the lockfile open on one of its FDs and the lock held. The lock automatically expires when the script exits. No need to keep a lockfile daemon running or to use fragile heuristics to kill random processes at the end. :) chpst exits with an error if it can't get the lock. I'm sure lockfile-progs could be enhanced to include similar (trivial) functionality if you don't want to rely on chpst. Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22.18-vs2.2.0.6-arcadia (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Shell: /bin/sh linked to /bin/bash Versions of packages cron depends on: ii adduser 3.105 add and remove users and groups ii debianutils 2.25.2 Miscellaneous utilities specific t ii libc62.7-6 GNU C Library: Shared libraries ii libpam0g 0.99.7.1-5 Pluggable Authentication Modules l ii libselinux1 2.0.15-2+b1 SELinux shared libraries ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip Versions of packages cron recommends: ii qmail [mail-tra 1.03-43+kqmail20051105-7 Secure, reliable, efficient, simpl -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Ok, I pulled the pin. Now what? Where are you going? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#478967: cron.daily/standard contains race condition
Hey, I just noticed I reported this problem already, almost five years ago. :) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=194805#15 But I didn't suggest a better solution then, so there is some progress at least. :) Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Karbantartas miatt a PCI buszok vonalain holnapig AT buszok kozlekednek. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#149395: This is really two requests.
Hi, for some reason, I never received your follow-up from 2003. I just found it while browsing my bugreports. Yep, an include directive would be nice. Under what circumstances do you think it is needed? It would be especially great if it could work recursively, like apache's. Scripts could generate, remove and update interface definitions a lot more easily (because there would only be one interface definition per file). Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: The Jews are God's chosen people. The Eskimos are God's frozen people. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386207: Please improve documentation
On Sun, May 04, 2008 at 12:49:31PM +0200, Michael Mende wrote: Hi, I guess the problem is solved by linking against libpcre. This is good news. I tried to reproduce your example with current version and it worked as expected: CheckURL ^/foo($|/): http://bla/foo - HTTP/1.1 404 Not Found http://bla/foo/- HTTP/1.1 404 Not Found http://bla/foo/bla - HTTP/1.1 404 Not Found http://bla/blafoo/ - HTTP/1.0 501 Not Implemented The 404 errors are ok, because there is no `foo' on the webserver. If you have no objection, I would like to close this bug. Fine with me, as long as the documentation says that perl compatible regular expressions can be used. I think a single sentence suffices. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: After they make styrofoam, what do they ship it in? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#354017: Please include fixed in xfonts-base package description
Package: xfonts-base Version: 6.8.99.900.dfsg.1-0pre1 Severity: minor Hi, currently it's difficult for someone with little knowledge of the Debian package pool to find out what package is missing if an X server reports unable to open default font 'fixed'. It would be great if apt-cache search could be used to discover xfonts-base. The paragraph If you are not using a remote font server, you must install this package if you are installing an X server. It contains fonts without which X servers will not work. could be rephrased to read If you are not using a remote font server, you must install this package if you are installing an X server. It contains fonts such as 'fixed' without which X servers will not work. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: How do you make Windows faster? Throw it harder! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#351436: Please make graph_width, graph_height and possibly others configurable per-node and/or per-server
Package: munin-node Version: 1.2.4-1 Severity: wishlist Hi, it'd be useful to be able to adjust the size of the graphs centrally. Shouldn't be very hard to do either. If the plugin doesn't specify graph_width, just use what's in the nodewise or serverwise config. Andras Ps. and what about the nut plugin I submitted? :) -- System Information: Debian Release: unstable APT prefers breezy-security APT policy: (500, 'breezy-security'), (500, 'breezy'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7-chardonnay-skas3-v8-rc2 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages munin-node depends on: ii adduser 3.77 Add and remove users and groups ii libnet-server-perl0.87-3 An extensible, general perl server ii lsb-base 3.0-15 Linux Standard Base 3.0 init scrip ii perl 5.8.7-5Larry Wall's Practical Extraction ii procps1:3.2.5-1 /proc file system utilities Versions of packages munin-node recommends: pn libnet-snmp-perl none (no description available) -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I'd love to go out with you, but it's too close to the turn of the century. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#352837: Consider using irc (perhaps other IM?) as a communication backend
Package: munin Version: 1.2.4-1 Severity: wishlist Hi, a crazy idea just hit me. Wouldn't it be cool to use irc, or some other instant messenger as the communication medium between the munin 'server' and munin-nodes? The server and all the nodes would just join a channel on a server; the nodes would periodically announce their values (or they could be prompted via PRIVMSG), and the grapher would just need to harvest the channel for the data. The advantage would be that no direct 'server'=node communication would be necessary, which can be tricky in firewalled/NATed/dynamic IP scenarios. Also, the overhead of setting up potentially large numbers of tcp sessions could be eliminated. There certainly are security issues (channel takeover and whatnot), but these are only relevant if a public irc network is used. The channel could have a key; the chatter could be encrypted; etc. Other IMs like ICQ and Jabber could also be used. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I'd give my right arm to be ambidextrous. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#355607: svlogd: please support hierarchical configuration
Package: runit Version: 1.3.3-1 Severity: wishlist Hi, I'm using socklog and svlogd to manage logs coming in from several boxes via UDP. Configuration would be a lot easier if I could have a hierarchical setup where I have a directory tree for each syslog client and can select only lines coming from that client in the root of that tree. For example, assuming I have box1 at 1.2.3.4 and box2 at 2.3.4.5, I'd like to be able to have the following directory tree: box1/ box1/mail/ box1/cron/ box1/kernel/ [...] box2/ box2/firewall/ box2/kernel/ box2/mail/ [...] box1/config could read something like this: ---8--- -* +1.2.3.4:* /mail /cron /kernel ---8--- In box1/mail I would then do: ---8--- s123456 n123 -* +*mail* ---8--- The benefit would be that I could use the same 'mail/config' for both box1 and box2, and would only need to modify the IP address of each box in one place if it changes. The inverse could also be useful (mail/box1, mail/box2 etc.). Although something similar albeit less flexible can already be achieved using a template-based approach with e.g. sed, I feel this feature wouldn't bloat svlogd very much. I don't think directory trees deeper than, say, 3 levels would be useful either. Best regards, Andras Ps. any plans to implement multilog's = command (log status to file)? -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Crime, Sex, Alcohol, Drugs... God, I love Congress! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#355859: When using pinning or --target-release, upgrades packages to the already installed version
Package: apt Version: 0.6.43.2ubuntu1 Severity: normal Hi, If pinning or the --*-release= options are used, apt seems to treat available packages with the highest priority as newer than the already installed packages even if they have the same version. This is from an apt-get dist-upgrade: [...] Preparing to replace ncftp 2:3.1.9-1 (using .../ncftp_2%3a3.1.9-1_amd64.deb) ... Preparing to replace netmask 2.3.7 (using .../netmask_2.3.7_amd64.deb) ... Preparing to replace netmon-applet 0.4-11 (using .../netmon-applet_0.4-11_amd64.deb) ... Preparing to replace ntfsprogs 1.12.1-1 (using .../ntfsprogs_1.12.1-1_amd64.deb) ... [...] If I rerun apt-get dist-upgrade after it has completed, it again tries to upgrade the same packages to the already installed version. While this is mostly harmless, it potentially wastes large amounts of bandwidth. # apt-get -u dist-upgrade Reading package lists... Done Building dependency tree... Done Calculating upgrade... Done The following packages have been kept back: libkrb5-17-heimdal sasl2-bin unixodbc The following packages will be upgraded: antiword apcalc atftp aumix awesfx base-passwd bc camorama ccache cpio cvs dc deborphan devfsd directory-administrator dlocate dmake docbook-xml dosbox dosfstools dvdauthor fbset fdutils finger flow-tools fping freeglut3 ftp glunarclock gnome-doc-tools gnome-photo-printer gnome-randr-applet gnome-swallow-applet gocr gpdf gphotocoll grep grep-dctrl groff groff-base gsfonts gtk2-engines-cleanice gtk2-engines-magicchicken gtk2-engines-qtpixmap gtk2-engines-spherecrystal gtk2-engines-wonderland gtkhtml3.6 gtm gtweakui gzip hermes1 html2text indent ipchains ipmasqadm ksymoops less libaa1 libadns1 libapr0 libatm1 libaudiofile0 libavc1394-0 libbeecrypt6 libcap1 libcln4 libcroco3 libdb2 libdb3 libdb3-util libdc1394-13 libdvbpsi4 libdvdread3 libedit2 libelfg0 libevent-perl libevent1 libexpat1 libgc1c2 libgcrypt11 libgdbm3 libgdk-pixbuf-gnome2 libgdk-pixbuf2 libgimpprint1 libgnomecups1.0-1 libgnomeprint-bin libgnomeprint15 libgtk1.2 libgtkhtml3.6-18 libgtkspell0 libid3-3.8.3c2a libid3tag0 libieee1284-3 libimlib2 libintl-gettext-ruby1.8 libintl-xs-perl liblocale-gettext-perl liblockfile1 libltdl3 liblzo1 libmad0 libmodplug0c2 libmpcdec3 libnfsidmap1 libntfs8 libopencdk8 liborbit0 libpcap0.8 libpcd2 libpixman1 libpng12-0 libpvm3 libqalculate1 libruby1.8 libsdl-net1.2 libshout3 libsmpeg0 libsqlite3-0 libtag1c2a libtar libtext-charwidth-perl libtext-iconv-perl libwavpack0 libwmf0.2-7 libxml-parser-ruby1.8 libxml1 localepurge logrotate lsof m4 man-db mdetect menu mii-diag mpg321 nasm ncftp netmask netmon-applet ntfsprogs nvi pidentd pkg-config powermgmt-base ppthtml prelink psmisc pump pvm python2.3-numeric qalc rdesktop ruby1.8 sed setserial sgml-data shared-mime-info sharutils socklog sox tcsh telnet time toolame traceroute vacation vgrind vorbis-tools wamerican watchdog wget zip 172 upgraded, 0 newly installed, 0 to remove and 6 not upgraded. Need to get 0B/35.1MB of archives. After unpacking 0B of additional disk space will be used. Do you want to continue [Y/n]? All these packages are already the version apt wants to upgrade them to. While this specific box runs an apt from Ubuntu, the problem is also present in Debian's apt. /etc/apt/preferences: Package: * Pin: release o=Ubuntu Pin-Priority: 1200 Package: * Pin: release o=Debian Pin-Priority: 100 Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Taxation is little more than legalized extortion. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#360984: Tries to update auto-whitelist for wrong user
Package: spamassassin Version: 3.1.0a-2 Severity: normal Hi, I run spamassassin with the following command line: spamd -c -H -m 2 -i 0.0.0.0 -A some-ips --syslog-socket=unix Both local and remote users use spamc -f in their .procmailrc to have their mail filtered. auto-whitelisting is turned on. Sometimes (often), the following happens: 2006-03-24 03:31:30.188563500 [13731] info: spamd: connection from remoteclient [192.168.0.15] at port 49250 2006-03-24 03:31:36.071642500 [13731] info: spamd: handle_user unable to find user: remoteuser 2006-03-24 03:31:36.649337500 [13731] warn: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/sbin/spamd line 1150, GEN662 line 4. 2006-03-24 03:31:43.034921500 [13731] info: spamd: processing message message_id for remoteuser:65534 2006-03-24 03:32:35.643921500 [13731] error: locker: safe_lock: cannot create lockfile /home/localuser/.spamassassin/auto-whitelist.mutex: Permission denied 2006-03-24 03:32:35.694168500 [13731] warn: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create lockfile /home/localuser/.spamassassin/auto-whitelist.mutex: Permission denied 2006-03-24 03:32:35.765700500 [13731] error: Can't call method finish on an undefined value at /usr/share/perl5/Mail/SpamAssassin/Plugin/AWL.pm line 397. 2006-03-24 03:32:36.920501500 [13731] info: spamd: clean message (0.0/5.0) for elan:65534 in 67.3 seconds, 4017 bytes. 2006-03-24 03:32:36.932078500 [13731] info: spamd: result: . 0 - scantime=67.3,size=4017,user=remoteuser,uid=65534,required_score=5.0,rhost=remoteclient,raddr=192.168.0.15,rport=49250,mid=message_id,autolearn=no The username of remoteuser doesn't exist locally, so spamd is right in falling back to nobody. However, it shouldn't try to fiddle with the auto-whitelist settings of localuser (incidentally, one of the local users who also use spamc -f). Could it be that spamd somehow unintentionally remembers the location of the last auto-whitelist file it updated, and only changes this value if the specified local username exists, but not on falling back to the nobody user? Andras -- System Information: Debian Release: unstable APT prefers breezy-security APT policy: (500, 'breezy-security'), (500, 'breezy'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7-chardonnay-skas3-v8-rc2 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages spamassassin depends on: ii libdigest-sha1-perl 2.10-1 NIST SHA-1 message digest algorith ii libhtml-parser-perl 3.45-2 A collection of modules that parse ii libnet-dns-perl 0.48-1 Perform DNS queries from a Perl sc ii libsocket6-perl 0.17-1 Perl extensions for IPv6 ii perl 5.8.7-5Larry Wall's Practical Extraction Versions of packages spamassassin recommends: ii libmail-spf-query-perl1.997-2Query SPF (Sender Permitted From) ii perl [libmime-base64-perl]5.8.7-5Larry Wall's Practical Extraction ii spamc 3.1.0a-2 Client for SpamAssassin spam filte -- debconf information: spamassassin/upgrade/2.40: spamassassin/upgrade/2.40w: spamassassin/upgrade/cancel: Continue * spamassassin/upgrade/2.42: No spamassassin/upgrade/2.42m: No spamassassin/upgrade/2.42u: No -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Would you like a Y/N prompt (Y/N)? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#374796: Please apply attached patch to allow the hddtemp daemon to stay in the foreground
Package: hddtemp Version: 0.3-beta15-12 Severity: wishlist Tags: patch Hi, it would be nice to be able to run the hddtemp daemon under a process supervisor such as runit, daemontools or daemon. I added a -F command line switch that causes hddtemp to stay in the foreground even in daemon mode to facilitate this. Please apply my attached patch. Thanks Andras -- System Information: Debian Release: unstable APT prefers dapper-updates APT policy: (1200, 'dapper-updates'), (1200, 'dapper-security'), (1200, 'dapper'), (1200, 'breezy-security'), (1200, 'breezy'), (100, 'experimental'), (100, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.10+skasv3pre9-chardonnay-skas3-v9-pre9 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages hddtemp depends on: ii debconf [debconf-2.0]1.5.0 Debian configuration management sy ii grep 2.5.1.ds2-4 GNU grep, egrep and fgrep ii libc62.3.6-15GNU C Library: Shared libraries ii sed 4.1.4-4 The GNU sed stream editor hddtemp recommends no packages. -- debconf information excluded -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Everything is fine with the world - one mile under ground. diff -ur hddtemp-0.3-beta15/doc/hddtemp.8 hddtemp-0.3-beta15+foreground/doc/hddtemp.8 --- hddtemp-0.3-beta15/doc/hddtemp.82006-06-21 12:18:51.940989511 +0200 +++ hddtemp-0.3-beta15+foreground/doc/hddtemp.8 2006-06-21 12:19:15.888615926 +0200 @@ -80,6 +80,10 @@ .B \-q, \-\-quiet Don't check if the drive is supported. .TP +.B \-F, \-\-foreground +Don't fork into the background even in daemon mode. This is useful +when running under a process supervisor. +.TP .B \-v, \-\-version Display hddtemp version number. .TP diff -ur hddtemp-0.3-beta15/src/daemon.c hddtemp-0.3-beta15+foreground/src/daemon.c --- hddtemp-0.3-beta15/src/daemon.c 2006-06-21 12:18:51.940989511 +0200 +++ hddtemp-0.3-beta15+foreground/src/daemon.c 2006-06-21 12:19:07.124752634 +0200 @@ -273,28 +273,30 @@ fd_set deffds; time_t next_time; - switch(fork()) { - case -1: -perror(fork); -exit(2); -break; - case 0: -break; - default: -exit(0); - } - - setsid(); - - switch(fork()) { - case -1: -perror(fork); -exit(2); -break; - case 0: -break; - default: -exit(0); + if (!foreground) { +switch(fork()) { +case -1: + perror(fork); + exit(2); + break; +case 0: + break; +default: + exit(0); +} + +setsid(); + +switch(fork()) { +case -1: + perror(fork); + exit(2); + break; +case 0: + break; +default: + exit(0); +} } chdir(/); umask(0); diff -ur hddtemp-0.3-beta15/src/hddtemp.c hddtemp-0.3-beta15+foreground/src/hddtemp.c --- hddtemp-0.3-beta15/src/hddtemp.c2006-04-19 04:37:35.0 +0200 +++ hddtemp-0.3-beta15+foreground/src/hddtemp.c 2006-06-21 12:19:01.760836310 +0200 @@ -75,7 +75,7 @@ char separator = SEPARATOR; struct bustype * bus[BUS_TYPE_MAX]; -inttcp_daemon, debug, quiet, numeric, wakeup, af_hint; +inttcp_daemon, debug, quiet, numeric, wakeup, af_hint, foreground; static enum { DEFAULT, CELSIUS, FAHRENHEIT } unit; @@ -279,7 +279,7 @@ bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); - show_db = debug = numeric = quiet = wakeup = af_hint = syslog_interval = 0; + show_db = debug = numeric = quiet = wakeup = af_hint = syslog_interval = foreground = 0; unit = DEFAULT; portnum = PORT_NUMBER; listen_addr = NULL; @@ -302,10 +302,11 @@ {unit, 1, NULL, 'u'}, {syslog, 1, NULL, 'S'}, {wake-up,0, NULL, 'w'}, + {foreground, 0, NULL, 'F'}, {0, 0, 0, 0} }; -c = getopt_long (argc, argv, bDdf:l:hp:qs:u:vnw46S:, long_options, lindex); +c = getopt_long (argc, argv, bDdf:l:hp:qs:u:vnw46FS:, long_options, lindex); if (c == -1) break; @@ -391,6 +392,7 @@ -q --quiet : do not check if the drive is supported.\n -v --version : display hddtemp version number.\n -w --wake-up : wake-up the drive if need.\n + -F --foreground : don't daemonize. Stay in foreground.\n -4 : listen on IPv4 sockets only.\n -6 : listen on IPv6 sockets only.\n \n @@ -406,6 +408,9 @@ case 'w': wakeup = 1; break; + case 'F': +foreground = 1; +break; case 'S': { char *end = NULL; diff -ur hddtemp-0.3-beta15/src/hddtemp.h hddtemp-0.3-beta15+foreground/src/hddtemp.h --- hddtemp-0.3-beta15/src
Bug#375433: Please support custom commands in sv and/or runsv
Package: runit Version: 1.5.1-1 Severity: wishlist Hi, it'd be nice (for example during upgrades) if /etc/init.d/gdm reload could be made to work even if gdm is run supervised and /etc/init.d/gdm is a symlink to /usr/bin/sv. Arbitrary commands could be supported, provided the administrator supplied the appropriate action script. If these scripts could affect the output of sv(8), that would be wonderful, but probably hard to do in a robust way. Quite a few initscripts support numerous commands in addition to the standard start/stop/force-*, and replacing them with runit's sv would be a lot less painful if these could be supported transparently. I realize there is a difficulty with the one-character control fifo protocol, but I think there are several ways around that (for example, a new fifo could be used for the custom commands; that way, backward compatibility with daemontools could be retained). Regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I must follow them; I am their leader. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#369840: svlogd seems to ignore old unprocessed logs when deleting old log files during rotation
On Tue, Jun 06, 2006 at 03:35:32PM +, Gerrit Pape wrote: Hi, On Fri, Jun 02, 2006 at 03:28:15PM +, Gerrit Pape wrote: On Fri, Jun 02, 2006 at 04:59:39PM +0200, Andras Korn wrote: OK, here is a test scenario. Thanks Andras, I can reproduce it, and'll take a look soon. Hi, could you try this patch? Thanks, Gerrit. Sorry about the delay. The patch seems to fix the problem (at least I can no longer reproduce it systematically). Thanks! Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Just because you are paranoid, it doesn't mean they are not out to get you. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#372746: Please apply attached patch to allow and to run in foreground
Package: and Version: 1.2.2-1 Severity: wishlist Tags: patch Hi, the attached patch adds a '-f' switch to and(8) that causes it to stay in the foreground. This is useful when running it under a service monitor like runit. Thanks Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Barium: what you do with dead chemists. diff -u -r and-1.2.2/and.8.man and-1.2.2+fg/and.8.man --- and-1.2.2/and.8.man 2006-06-11 14:24:31.752873281 +0200 +++ and-1.2.2+fg/and.8.man 2006-06-11 14:23:49.636154000 +0200 @@ -5,7 +5,7 @@ .SH SYNOPSIS .B and -.RB [ \-htvsx ] +.RB [ \-htvsxf ] .RB [ \-i .IR interval ] .RB [ \-c @@ -101,6 +101,10 @@ Run in full operational mode, i.e. really renice or kill things. This is the default. +.TP 0.5i +.B \-f +Foreground mode. Don't daemonize. + .SH SIGNALS On diff -u -r and-1.2.2/and.c and-1.2.2+fg/and.c --- and-1.2.2/and.c 2004-04-05 21:19:01.0 +0200 +++ and-1.2.2+fg/and.c 2006-06-11 14:21:01.217289000 +0200 @@ -156,6 +156,7 @@ struct { char hostname [512]; int test; + int foreground; char *program; char *config_file; char *database_file; @@ -179,6 +180,7 @@ void set_defaults (int argc, char **argv) { and_config.test = 0; + and_config.foreground = 0; and_config.verbose = 0; and_config.to_stdout = 0; and_config.program = argv[0]; @@ -884,7 +886,7 @@ void and_getopt (int argc, char** argv) { -#define OPTIONS c:d:i:vstxh +#define OPTIONS c:d:i:vstxfh int opt, value; opt = getopt(argc,argv,OPTIONS); while (opt != -1) { @@ -921,12 +923,16 @@ case 'x': and_config.test = 0; break; +case 'f': + and_config.foreground = 1; + break; case 'h': printf(auto nice daemon version %s (%s)\n %s [-v] [-s] [-t] [-x] [-c configfile] [-d databasefile] [-i interval]\n -v: verbosity -v, -vv, -vvv etc\n -s: log to stdout (default is syslog, or debug.and)\n -x: really execute renices and kills (default)\n + -f: don't daemonize, stay in foreground\n -t: test configuration (don't really renice)\n -i interval: loop interval in seconds (default %i)\n -c configfile: specify config file (default %s)\n @@ -986,7 +992,11 @@ if (and_config.test) { and_worker(); } else { -if (fork() == 0) and_worker(); +if (and_config.foreground) { + and_worker(); +} else { + if (fork() == 0) and_worker(); +} } return 0; }
Bug#369840: svlogd seems to ignore old unprocessed logs when deleting old log files during rotation
Package: runit Version: 1.4.1-1 Severity: normal Hi, I just noticed that some of my log directories had many more log files in them than the value of the 'n' parameter in the corresponding svlogd config. A great deal of these were unprocessed .u files. Unfortunately, I'm not sure if there were also more .s files than configured, but I set up an experiment if you like. If the behaviour of not deleting .u files during log rotation is intentional, svlogd(8) should probably point it out. It currently does not. I expected .u and .s files to be treated the same way for the purposes of log rotation (as is the case with multilog). Andras -- System Information: Debian Release: unstable APT prefers dapper-updates APT policy: (1200, 'dapper-updates'), (1200, 'dapper-security'), (1200, 'dapper'), (1200, 'breezy-security'), (1200, 'breezy'), (100, 'experimental'), (100, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.10+skasv3pre9-chardonnay-skas3-v9-pre9 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Oops. My brain just hit another bad sector. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#369840: svlogd seems to ignore old unprocessed logs when deleting old log files during rotation
On Fri, Jun 02, 2006 at 02:36:03PM +, Gerrit Pape wrote: Hi, I just noticed that some of my log directories had many more log files in them than the value of the 'n' parameter in the corresponding svlogd config. A great deal of these were unprocessed .u files. Unfortunately, I'm not sure if there were also more .s files than configured, but I set up an experiment if you like. If the behaviour of not deleting .u files during log rotation is intentional, svlogd(8) should probably point it out. It currently does not. I expected .u and .s files to be treated the same way for the purposes of log rotation (as is the case with multilog). svlogd doesn't differentiate between .u, .t, and .s files, it looks for file name starting with @ that are 27 characters long. But svlogd doesn't reduce the number of old log files if there are already more than configured; I guess this is what happens to you. I know that, but this is not, I think, what happened to me. The number of files was definitely increasing. I'll try to reproduce this. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Teenagers are your punishment for enjoying sex! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#369840: svlogd seems to ignore old unprocessed logs when deleting old log files during rotation
Hi, OK, here is a test scenario. mkdir /tmp/svlogd-test cat EOF /tmp/svlogd-test/config s100 n3 !gzip -9 EOF svlogd /tmp/svlogd-test /dev/urandom Let it run for a while; it seems to work, there are never more than 3 @* files. Now press ctrl-c, and then restart svlogd. Repeat a few times. I was left with: -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc1feb0734.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc20bca35c.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc2192e304.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc2265d304.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc233999dc.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc240d7ff4.s -rwxr--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc24e03d2c.s -rw-r--r--+ 1 korn admin 123 Jun 2 16:57 @4000448051fc25b15484.t -rw-r--r--+ 1 korn admin 17 Jun 2 16:57 config -rw-r--r--+ 1 korn admin 100 Jun 2 16:57 current -rw---+ 1 korn admin0 Jun 2 16:57 lock -rw-r--r--+ 1 korn admin0 Jun 2 16:57 newstate -rw-r--r--+ 1 korn admin0 Jun 2 16:57 state Obviously way more than 3. So, somehow, when svlogd exits due to a signal, the number of logfiles can get out of hand. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: What we call work the Mexicans call siesta. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#369840: svlogd seems to ignore old unprocessed logs when deleting old log files during rotation
On Tue, Jun 06, 2006 at 03:35:32PM +, Gerrit Pape wrote: Hi, On Fri, Jun 02, 2006 at 04:59:39PM +0200, Andras Korn wrote: OK, here is a test scenario. Thanks Andras, I can reproduce it, and'll take a look soon. Hi, could you try this patch? Thanks, Gerrit. Yes, will do, either today or tomorrow. Thanks -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Sometimes too much to drink is barely enough. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385292: Please include -P option as in Ubuntu
Package: klogd Version: 1.4.1-18 Severity: wishlist Hi, Ubuntu's klogd has a -P option that does this: -P path Use path instead of /proc/kmsg as the source of the kernel message. Specify - to read from standard input. This allows klogd to run entirely without root privileges. The idea then is to use a dd process to shovel messages from /proc/kmsg into a fifo for klogd to read. The security benefits, while admittedly somewhat far-fetched, should be obvious (an attacker can theoretically exercise some control over the messages the kernel logs, so a bug in klogd could conceivably be exploited in this manner). Additionally, this seems to work around a problem where klogd used to garble kernel messages when they were arriving at a high rate (this isn't easy to describe and probably impossible to reproduce on purpose: it's as if some lines were logged incompletely, or fragments of other lines inserted). Since Ubuntu obviously has a patch for -P, it shouldn't be hard to include it in Debian's klogd too. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Energizer Bunny arrested. Charged with battery. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385308: Please provide way to run xend in the foreground, without daemonizing
Package: xen-utils-3.0 Version: 3.0.2+hg9697-2 Severity: wishlist Hi, it would be nice to run xend under the supervision of runit. xenconsoled and xenstored already provide relevant switches (-i and --no-fork). Thanks Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Paranoid: someone who just figured out what's going on. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385308: [Pkg-xen-devel] Bug#385308: Please provide way to run xend in the foreground, without daemonizing
On Wed, Aug 30, 2006 at 03:08:21PM +0200, Bastian Blank wrote: On Wed, Aug 30, 2006 at 02:21:07PM +0200, Andras Korn wrote: it would be nice to run xend under the supervision of runit. xenconsoled and xenstored already provide relevant switches (-i and --no-fork). They are started by xend, so please provide concret informations. I'm not sure in what way I wasn't specific enough, but anyway: What I do now is run xenconsoled and xenstored from runit, but xend still has to be started the System V init way. I'd like to run that under runit too. root 3953 Ss 11:26 0:00 runsvdir -P /var/service log: ... [...] root 3549 Ss 14:55 0:00 \_ runsv xenconsoled log 3626 S14:55 0:00 | \_ svlogd -t /var/log/sv/xenconsoled root 3847 Sl 14:57 0:00 | \_ /usr/sbin/xenconsoled -i root 3840 Ss 14:57 0:00 \_ runsv xenstored log 3841 S14:57 0:00 | \_ svlogd -t /var/log/sv/xenstored root 3843 S14:57 0:00 | \_ /usr/sbin/xenstored --no-fork root 5271 S15:26 0:00 python /usr/sbin/xend start root 5272 Sl 15:26 0:00 \_ python /usr/sbin/xend start This way xend doesn't start them, because they are already running by the time xend starts. (xend stop doesn't stop them in either case, which might be a bug, btw.) I can now do this: # sv status xenconsoled run: xenconsoled: (pid 3847) 3253s; run: log: (pid 3626) 3350s And runit restarts xenconsoled for me should it ever crash. Same for xenstored. I don't know enough about the architecture of xen to say whether it would be better to have xenconsoled and xenstored started by xend or not, I just know I'd like to get away from System V init and use runit to the extent possible. AFAICT now, having a foreground argument to xend (instead of start) is all that's needed. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Southern DOS: Y'all reckon? (yep/Nope) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385335: new entry ST3160811AS 194 C Seagate ST3160811AS
Package: hddtemp Version: 0.3-beta14-5 Severity: wishlist Hi, ST3160811AS 194 C Seagate ST3160811AS This seems to work well with my 160G Seagate SATA drive. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Ifyoucanreadthis,youspendtoomuchtimefiguringoutnonsense! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#385308: [Pkg-xen-devel] Bug#385308: Please provide way to run xend in the foreground, without daemonizing
On Wed, Aug 30, 2006 at 03:08:21PM +0200, Bastian Blank wrote: On Wed, Aug 30, 2006 at 02:21:07PM +0200, Andras Korn wrote: it would be nice to run xend under the supervision of runit. xenconsoled and xenstored already provide relevant switches (-i and --no-fork). They are started by xend, so please provide concret informations. OK, they don't work when not started by xend: xend can't connect to the xenstored socket, which is strange because unixclient can. I guess xend removes and recreates the socket even if xenstored is running, or something like that. I'm now back to running xenconsoled and xenstored from xend, but xenconsoled sometimes fails (apparently when a domU crashes and is restarted before its console can be attached to), and is not restarted by xend. It would really be a lot nicer to have them supervised by runit separately, so that if any of them were to fail, they could be restarted automatically. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Money can't buy friends, but you can afford a better class of enemy. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386207: Please improve documentation
Package: pound Version: 2.0-1 Severity: minor Hi, currently, the documentation doesn't say what syntax is supported when specifying URL patterns. Based on the examples, it's a subset of POSIX regular expressions, but ^ and $ don't seem to work. It would be nice if extended regular expressions were properly supported, or, failing that, the documentation would at least say what is supposed to work and what isn't. Specifically, I tried CheckURL ^/foo($|/) But this didn't have the anticipated effect (/foo and /foo/ were equally refused). Also, under the Service heading, the man page says: URL pattern Match the incoming request. If a request fails to match than this service will be skipped and next one tried. If all services fail to match Pound returns an error. You may define multiple URL conditions per service. If no URL was defined then all requests match. It's not clear whether multiple URL conditions are evaluated in an AND or an OR manner, i.e. whether all must match or only one. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Time is a great teacher, but it kills all its pupils. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#43594: Is this fixed?
Did you get to check this out, can I close the bug report? Uh. Been a while. :) Sorry, I don't think I'll use this package ever again, and the problem I had reported was apparently pretty much unreproducible to begin with, so yes, I think you can close the bug. 7 years... it has already completed first grade at school. :) Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Daddy, what does Formatting Drive C: mean? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#356339: Please add option to tag each line with fixed string to svlogd
Package: runit Version: 1.3.3-1 Severity: wishlist Hi, sorting the logs of generic services (i.e. ones that just write to stdout, not to syslog) when they are received via udp would be easier if svlogd could prepend a service-specific tag to each logged line (either unconditionally, or only when logging to udp). Without such tags, it's a pain to sort log lines on the receiving end. Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A dime saved is a dollar earned. The rest is Uncle Sam's. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#274818: Please add option to work from Packages (or available) instead of status
On Thu, Mar 13, 2008 at 11:25:24PM +0100, Carsten Hey wrote: Hi, I think it would be useful to be able to analyze the dependencies of a Debian package pool in order to possibly identify e.g. old libraries that no one needs any longer. I just asked someone from the release team whether this would be a useful feature for them and he denied it. So although this feature would be relatively trivial to implement I will probably not do this since I don't see any use case for it. If you or anyboby else can imagine a use case for this (except usage by the release team), please attach an explanation to this bug and remove the wontfix tag. Use case: if you have your own package pool which includes old and/or orphaned packages from Debian that are no longer a part of the official archive, it would be good to know which old libraries are safe to get rid of. I used to have such a pool with packages such as 'xv', 'spamdb' and quite a few others (and their dependencies) when I filed this bug. I'm not removing the wontfix tag, because you may not agree this is a valid use case. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Everything that is not mandatory is forbidden. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#616091: Please provide optional fallback to subsequent TargetURLs even for 404co
Package: apt-cacher-ng Version: 0.6-1 Severity: wishlist Hi, currently, if apt-cacher-ng is configured for redirection, not just merging, and the first preferred upstream mirror is responsive but malfuntcioning (resets connection, doesn't have files it should have etc.), acng clients can't download files. It would be great if you could introduce some form of fallback mechanism that would cause acng to try failing http requests on other mirrors before reporting failure to the client. Something like FallbackLimit n would be nice, where an additional n mirrors would be tried in case a file couldn't be fetched from the first (even though it did respond). It could default to 0, which is the current behaviour. Andras -- Andras Korn korn at elan.rulez.org Automatic simply means that you cannot repair it yourself. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#616091: Please provide optional fallback to subsequent TargetURLs even for 404co
On Wed, Mar 02, 2011 at 09:22:35PM +0100, Eduard Bloch wrote: currently, if apt-cacher-ng is configured for redirection, not just merging, First, which configuration / config directive do you exactly mean? Remap. I got redirection and merging from the documentation, sorry. :) and the first preferred upstream mirror is responsive but malfuntcioning (resets connection, doesn't have files it should have etc.), acng clients can't download files. Second, it does already have a fallback behaviour. I know, but it doesn't kick in in all cases where I think it should. However, code 404 is not interpreted as failure. Because apt does a lot of such requests, e.g. for translation files which can be missing. And what's so terrible about retrying those on other servers as well? If it _is_ very bad for some reason, then request types that can be reasonably expected to fail shouldn't be retried on other servers, but requests for package files should (not by default, but optionally yes). Specific problem: Remap-debrep: file:deb_mirror*.gz /ftp.debian.org/debian/ /cdn.debian.net/debian/ /debian ; http://cdn.debian.net/debian/ http://ftp.hu.debian.org/debian/ [...] The idea is to prefer whatever mirror cdn.debian.net prefers, and to fall back to a small set of specific mirrors if the first mirror doesn't work. For a few days, the mirror cdn.debian.net pointed to was incomplete. It had up to date Packages files but many .debs were simply missing. Later, the problem changed, and the mirror aborted all connections without replying anything. Any apt requests that referenced these URLs, using whatever specific mirror, were redirected to cdn.debian.net, and thus failed (either giving 404 or 502 when the upstream mirror aborted the connection). This was understandably very frustrating for the users. It would greatly increase the robustness of ACNG (reduce its susceptibility to problems with specific mirrors) if it could retry the same request on different mirrors if the first one failed. On a related note, I think speed could be improved substantially by connecting to several mirrors in parallel and dropping surplus connections once at least one succeeds; this way there'd be no need to wait for the first connection to time out before trying the second, for the second to time out before trying the third and so on. Andras -- Andras Korn korn at elan.rulez.org Timing error. Please wait. And wait. And wait. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#513880: Optionally omit timestamps from lines sent over UDP
Package: socklog Version: 2.1.0-8 Severity: wishlist Hi, when logging kernel messages over UDP with socklog+svlogd, the end result looks like this: @40004986304d23ededec 172.18.17.254: @40004986304d23676c54 kern.warn: Feb 2 00:29:07 kernel: ... The line contains three timestamps, which is not very useful and only makes the message harder to read. I know I can do the following: 1. get rid of the first timestamp by not telling svlogd on the logserver to log one; 2. get rid of the second timestamp by not telling svlogd on the client system to log one. The problem with #1 is that some syslog clients send timestamps whereas others don't, and I need to have timestamps enabled in svlogd on the server for the sake of the latter. The problem with #2 is that the client also writes the logs to local storage and I definitely want the timestamps there. I can see the following options: 1. Adding a new config command to send via UDP without timestamp. 2. Making timestamps toggleable on a per-directory basis (I could have a logdir with only udp targets and no timestamps and other logdirs with no udp targets and timestamps enabled). 3. Some mangling on the server side to recognise a tai64n timestamp at the beginning of the incoming line, and insert the client IP field after it instead of in front of it. This seems somewhat kludgy to me even though it would probably work very well in practice. This still doesn't get rid of the third, useless, syslog-style timestamp, but I guess you wouldn't want to add sed-style editing functions, and I can't really see any other way. :) Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22.18-vs2.2.0.6-arcadia (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages socklog depends on: ii adduser 3.110 add and remove users and groups ii libc6 2.7-13 GNU C Library: Shared libraries Versions of packages socklog recommends: ii ipsvd 1.0.0-1Internet protocol service daemons ii runit 2.0.0-1a UNIX init scheme with service su pn socklog-run none (no description available) socklog suggests no packages. -- no debconf information -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: When smashing monuments, always save the pedestals - they come in handy. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#529744: Seems to be leaking file descriptors, leads to 100% CPU usage
Package: apt-cacher-ng Version: 0.3.11-1 Severity: normal Hi, I noticed that apt-cacher-ng's CPU usage goes to 100% and stays there after a few days of running. stracing it revealed the following: select(7, [6], [], NULL, NULL) = 1 (in [6]) accept(6, 0x7fff3bdad5a0, [171252509438902400]) = -1 EMFILE (Too many open files) select(7, [6], [], NULL, NULL) = 1 (in [6]) accept(6, 0x7fff3bdad5a0, [171252509438902400]) = -1 EMFILE (Too many open files) select(7, [6], [], NULL, NULL) = 1 (in [6]) accept(6, 0x7fff3bdad5a0, [171252509438902400]) = -1 EMFILE (Too many open files) select(7, [6], [], NULL, NULL) = 1 (in [6]) accept(6, 0x7fff3bdad5a0, [171252509438902400]) = -1 EMFILE (Too many open files) ... and so on. It had 1024 files open, 676 of which were pipes, 343 were sockets, and the rest was this: lr-x-- 1 apt-cacher-ng apt-cacher-ng 64 May 21 11:06 0 - /dev/null l-wx-- 1 apt-cacher-ng apt-cacher-ng 64 May 21 11:06 123 - /var/cache/apt-cacher-ng/debrep/dists/sid/main/source/Sources.diff/_actmp/tmp (deleted) lr-x-- 1 apt-cacher-ng apt-cacher-ng 64 May 21 11:06 3 - /var/lib/vservers/aptproxy-bud l-wx-- 1 apt-cacher-ng apt-cacher-ng 64 May 21 11:06 4 - /var/log/apt-cacher-ng/apt-cacher.err l-wx-- 1 apt-cacher-ng apt-cacher-ng 64 May 21 11:06 5 - /var/log/apt-cacher-ng/apt-cacher.log The last lines of the errorlog were: Tue May 19 17:16:48 2009|Not creating Unix Domain Socket, fifo_path not specified Tue May 19 17:18:25 2009|Not creating Unix Domain Socket, fifo_path not specified Wed May 20 10:15:03 2009|/var/cache/apt-cacher-ng/debrep/dists/unstable/Release.gpg storage error [503 Inconsistent file state]: File exists Wed May 20 11:24:34 2009|Error creating pipe file descriptors Wed May 20 11:25:34 2009|Error creating pipe file descriptors Wed May 20 11:26:34 2009|Error creating pipe file descriptors Wed May 20 11:27:34 2009|Error creating pipe file descriptors Wed May 20 11:28:34 2009|Error creating pipe file descriptors I'm running acng under runit, launching it with the following command line: exec chpst -u apt-cacher-ng apt-cacher-ng -c /etc/apt-cacher-ng ForeGround=1 My acng.conf reads as follows: CacheDir: /var/cache/apt-cacher-ng LogDir: /var/log/apt-cacher-ng Port:4128 Remap-debrep: file:deb_mirror*.gz /debian ; http://ftp.hu.debian.org/debian/ http://ftp.at.debian.org/debian/ http://ftp.kfki.hu/linux/debian/ http://ftp.externet.hu/debian/ Remap-uburep: file:ubuntu_mirrors /ubuntu ; http://hu.archive.ubuntu.com/ubuntu/ http://at.archive.ubuntu.com/ubuntu/ http://ftp.kfki.hu/linux/ubuntu/ Remap-debsec: /security.debian.org/debian-security /debian-security ; http://ftp2.de.debian.org/debian-security/ http://security.debian.org/debian-security/ Remap-debbackports: /backports.org/debian/ /debian-backports ; http://backports.org/debian/ Remap-debpeople: /people.debian.org/ /debian-people ; http://people.debian.org/ Remap-debmultimedia: /debian-multimedia file:marillat_mirrors ; file:marillat_mirrors Remap-skype: /download.skype.com/linux/repos/debian /skype ; http://download.skype.com/linux/repos/debian/ Remap-opera: /deb.opera.com/opera /opera ; http://deb.opera.com/opera/ Remap-volatile: /volatile.debian.org/debian-volatile/ /ftp2.de.debian.org/debian-volatile/ /debian-volatile ; http://volatile.debian.org/debian-volatile/ http://ftp2.de.debian.org/debian-volatile/ Remap-debsnap: /snapshot.debian.net /debian-snapshot ; http://snapshot.debian.net/ Remap-canonical: /archive.canonical.com/ubuntu /canonical ; http://archive.canonical.com/ubuntu/ Remap-grml: http://deb.grml.org/ /grml ; http://deb.grml.org/ Remap-igraph: http://cneurocvs.rmki.kfki.hu/ /igraph ; http://cneurocvs.rmki.kfki.hu/ Remap-inno: http://inno.bme.hu/debian/ /inno ; http://inno.bme.hu/debian/ Remap-debunofficial: http://ftp.debian-unofficial.org/debian/ /debian-unofficial ; http://ftp.debian-unofficial.org/debian/ Remap-backports: http://www.backports.org/debian /backports ; http://www.backports.org/debian/ Remap-gosa: http://oss.gonicus.de/debian /gosa ; http://oss.gonicus.de/debian/ Remap-virtualbox: http://download.virtualbox.org/virtualbox/debian /virtualbox /vbox ; http://download.virtualbox.org/virtualbox/debian Remap-av: http://debian.av.hu/ /av ; http://debian.av.hu/ ReportPage: acng-report.html ForeGround: 0 ExTreshold: 5 LogSubmittedOrigin: 1 -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.29-vs2.3.0.36.9-pre4-stallion (SMP w/3 CPU cores) Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Black holes really suck... -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#506173: Actually, syslog-ng shouldn't conflict with any other syslog package
Package: syslog-ng Version: 2.0.9-4.1 Followup-For: Bug #506173 Hi, there are circumstances when having more than one syslog daemon installed makes sense (for example, I want to use klogd and socklog for local messages and syslog-ng to listen on a UDP socket). It's the same as having more than one webserver, or more than one HTTP proxy. The default configurations may conflict, but there is no inherent conflict. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Unless you're the lead dog, the view never changes. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515181: Ignores return status of open(stripe) for coss
Package: squid3 Version: 3.0.STABLE8-3 Severity: normal Hi, I tried to use cache_dir coss /dev/proxy_squid_coss 2048 block-size=512 max-size=131072 based on http://wiki.squid-cache.org/Features/CyclicObjectStorageSystem Apparently, it's no longer possible to use a raw device directly, but the way squid handles this is buggy: stat(/dev/proxy_squid_coss, {st_mode=S_IFBLK|0660, st_rdev=makedev(253, 13), ...}) = 0 open(/dev/proxy_squid_coss/stripe, O_WRONLY|O_CREAT|O_TRUNC, 0600) = -1 ENOTDIR (Not a directory) write(4294967295, \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0..., 1024) = -1 EBADF (Bad file descriptor) Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I left my 2 XP CDs on my dashboard. Someone broke into my car and left 2 more. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515194: Documentation could be improved
remapping URL remapping has several uses. First, it allows your apt-cacher-ng based proxy to masquerade as a Debian or Ubuntu mirror; it can be made to appear to contain the same directory structure and files the client would find on a real mirror. Instead of referencing a real mirror, the client's sources.list file would contain a line like 'deb http://name.of.proxy.host/debian stable main'. Your backend definition in apt-cacher-ng's configuration determines which actual debian mirror will be used to fetch the files. This keeps the client configuration clean, simple and straightforward. Without URL remapping, the sources.list file on the client would have to read something like 'deb http://name.of.proxy.host/ftp.de.debian.org/debain stable main'. Note that, depending on the remapping configuration, it is possible that apt-cacher-ng will actually use a mirror other than ftp.de.debian.org even in this case (see below). [Is this right?] A second use is obscuring the real location of a repository from your clients. This allows you to change the real location easily, without having to modify the configuration of all clients; you just have to edit the backend configuration in one single place. You configure URL remapping with lines like the following: Remap-debian: http://ftp.de.debian.org/debian This is the simplest case. When a client asks for http://proxy.host/ftp.de.debian.org/debian/something, apt-cacher-ng fetches http://ftp.de.debian.org/debian/something. [Is this right?] Slightly more complex examples: Remap-ubuntu: /ubuntu ; http://us.archive.ubuntu.com/ubuntu Remap-medibuntu: /medibuntu ; http://packages.medibuntu.org These two examples specify trivial mappings. Whenever a client asks for http://proxy.host/ubuntu/foo, apt-cacher-ng will retreive http://us.archive.ubuntu.com/ubuntu/foo. When a client wants http://proxy.host/medibuntu/bar, apt-cacher-ng fetches http://packages.medibuntu.org/bar. This is still relatively simple. More complex remappings are also possible. A Remap- line contains three pieces of information: 1. A unique internal identifier for the remapping ruleset specified by the line; in the examples above, ubuntu and medibuntu. These identifiers have no meaning; we could just as well have chosen blarg and deedledum. Restrictions: the identifier must be valid as a filename; it mustn't begin with an underscore; and it mustn't contain whitespace. This is the part of the line between Remap- and the first colon (':'). 2. A list of pathnames to apply remapping to. These can be specified directly, separated by spaces, but apt-cacher-ng can also read them from files. Large lists of pathnames to remap are handled efficiently. You can use file:filename to read a list of pathnames from filename. Filename can be absolute, or relative to the configuration directory. You can mix files and literal pathnames in the list. Pathnames mustn't contain wildcards, but file: specifications may. apt-cacher-ng can decompress .gz and .bz2 files. A leading http://; in pathnames is replaced by a single /. This is the part of the line between the first colon and the first semicolon (';'). 3. A list of backend servers to fetch the files from, whenever clients request a file from a remapped path. Backend lists are specified the same way as path lists. Example: Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian This causes apt-cacher-ng to read a list of debian mirrors from all files matching deb_mirror*.gz and construct a list of pathnames consisting of entries like /ftp.de.debian.org/debian /ftp.kfki.hu/linux/debian and so on. The last element of the list will be simply /debian. All these paths will be remapped to paths read from backends_debian, which can contain the base URL of a single Debian mirror, or several URLs, one per line. [What happens when there are several?] The same RFC822-like format deb_mirrors.gz is supplied in is also supported, so you could just make backends_debian a subset of deb_mirrors.gz. Client sources.list files could specify either of the following and still actually use the mirrors from backends_debian: - 'deb http://proxy.host/arbitrary.official.debian.mirror/basepath stable main' - 'deb http://proxy.host/debian stable main' [Would transparent proxying work? I.e. could you just redirect requests to port 80 of debian mirrors to the port of apt-cacher-ng?] --- 8 --- What I think is missing from the documentation: - description of the fields in the RFC822 files; - explanation of how a backend to download from is chosen if more than one is specified; - an explanation of the unix socket thing; - an explanation of ForceManaged (based on 3.2 one is under the impression that only remapped paths are supported anyway). Please feel free to include whatever I wrote in the documentation verbatim if you like it. Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD
Bug#466138: Is this LVM message actually useful?
Hi, as far as I can tell, the File descriptor x left open message is just telling the user about open file descriptors the lvm utility inherited and successfully closed. The --quiet option doesn't appear to suppress the message. Does printing the message serve any useful purpose? I'd expect lvcreate, lvremove and similar commands to be silent when called with --quiet; only errors should be printed. How is successfully closing a file descriptor an error? Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Smash forehead on keyboard to continue. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#466138: Is this LVM message actually useful?
On Wed, Jul 08, 2009 at 02:21:05PM +0100, Alasdair G Kergon wrote: Hi, It's often an indication of a careless programming and can lead to security problems if a child process inherits access to a rogue file descriptor and can interfere with it. The messages were added during a bug investigation to prove that LVM was not involved. selinux with a strict policy now also detects this sort of bug. They can be suppressed by setting the (deliberately-undocumented) environment variable LVM_SUPPRESS_FD_WARNINGS, but really, the source of the problem you're seeing should be addressed instead of ignoring the symptoms. I don't agree; surely, following the above argumentation, each and every program should go out of its way to close any inherited file descriptor it didn't expect, and warn the user about them. Incidentally, this would make chpst -l (which relies on obtaining a lock on a file and then passing this filedescriptor on to its child, which it execs without a fork) useless. In my case, I know where the stray FD is coming from: I'm invoking lvm utilities from a zsh script that has a logging coprocess, and it does an exec p early on so that all output of any programs invoked goes to the coprocess instead of stdout. Child processes inherit a pipe to the coprocess, but this isn't a problem that needs to be addressed; it has no ill effects and certainly doesn't warrant an obnoxious warning I can only turn off by relying on an undocumented feature. I certainly agree that the warnings are a good debugging aid, but making them unnecessarily hard to turn off is, in my opinion, contrary to the unix philosophy, which entails letting the user shoot himself in the foot if he wants, and not assuming that your program is necessarily smarter than the person running it, or that the developer was able to anticipate all circumstances his or her program might be run in. I think --quiet should get rid of these warnings too; you should assume that anyone who goes out of their way to specify --quiet really does want the utility to be quiet except when critical errors occur. It's what --quiet should do, and what the documentation implies --quiet does. Anyway, thank you for the hint about LVM_SUPPRESS_FD_WARNINGS, and sorry about the ranting. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ When in darkness or in doubt, run in circles, scream and shout. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#466138: Is this LVM message actually useful?
On Wed, Jul 08, 2009 at 06:21:27PM +0100, Alasdair G Kergon wrote: ill effects and certainly doesn't warrant an obnoxious warning I can only turn off by relying on an undocumented feature. What stops you closing the fd just before the execve()? Nothing, I suppose, other than that it adds a difficult to read line with no obvious purpose to the script (nothing a comment couldn't explain, to be sure). But I agree it's a workaround (whether it's nicer than the magic envvar, I couldn't say). lvm will not write to pre-existing fds other than 0, 1 2 and lvm is currently imposing it as a requirement that other fds, which lvm will not use, should be closed before invocation. I'm still not sure I understand why this is such a big deal that it's unacceptable to just close them silently, but I don't want to argue this point ad nauseam. I think --quiet should get rid of these warnings too; Unfortunately the program structure makes that impossible: these checks are performed during initialisation, before even looking at any command line. Well, the fact that it's difficult to fix doesn't mean it's not broken. :) Currently, --quiet doesn't work properly because LVM still prints messages that aren't critical errors. I wouldn't object to this bug being downgraded to wishlist and retitled to something like Please fix --quiet so that it suppresseses the warning about FDs left open (it's not my bug, so I won't mess with it myself). Add a wontfix tag if you think it's never going to be fixed. However, I think at the very least the magic envvar should be documented for use in those cases where a stay FD is known to be present and LVM should be silent. This would help avoid kludges like lvsomething 21 | fgrep -v ... (And hey, maybe there are even valid uses for stray FDs, only we can't think of any right now - so that not even closing them may always be desirable.) Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Bathroom scale: Something you stand on and swear at. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#576936: OpenVPN Access Server is not free software
Hi, sorry for butting in; I just noticed this in the BTS and thought I could help out by replying. Did you read the information on the pricing page? They give you two, non expiring, keys for free so that you can have up to two clients simultaneously connected. You can have as many clients in the pool as you wish, you are just limited to the number that can connect at any one time. If you want more keys, they charge $10 each. So whether or not this is free software depends on your usage requirements. The point isn't whether they charge you money; the point is that it's not free as in freedom. It doesn't meet the Debian Free Software Guidelines, so it'd have to go into the non-free repository, but from the looks of it Debian couldn't legally distribute it even then. However, seeing that the vendor provides Ubuntu packages, it shouldn't be too hard to persuade them to repackage it for Debian as well; the required changes are probably minimal. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Backup not found: (A)bort (R)etry (P)anic -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#580899: Please support certificates where a CN attribute is not part of the subject DN
Package: openvpn Version: 2.1.0-2 Severity: wishlist Hi, with LDAP deployments becoming more and more commonplace, private PKIs can be expected to try to create a mapping between the LDAP DNs of users and the DNs in their certificates. A typical LDAP DN at a Unix site looks like this: uid=username,ou=People,dc=somedomain,dc=tld It's entirely possible to issue a certificate to this DN as a subject. Alas, using such certificates with OpenVPN is currently impossible; an attempt to do so yields: VERIFY ERROR: could not extract Common Name from X509 subject string ('/UID=someuser/OU=People/DC=somedomain/DC=tld') -- note that the Common Name length is limited to 64 characters TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned TLS Error: TLS object - incoming plaintext read error TLS Error: TLS handshake failed SIGUSR1[soft,tls-error] received, client-instance restarting IIUC, the only point in parsing out the CN is to have a hopefully unique friendly name for the client. The --username-as-common-name option looks like a promising workaround, but unfortunately the failure to find a CN in the subject string still causes the connection to fail even if a remote username is supplied and username-as-common-name is enabled. Please implement one or more of the following: 1. If username-as-common-name is specified, use the remote username as the CN right away and don't even try to parse the CN out of the subject string. 2. Allow the administrator to specify a different attribute instead of CN to look for in the subject string (e.g. uid). This would not be ideal because while people would have uids, devices would still have CNs (so OpenVPN servers may have to deal with differently constructed DNs). 3. Allow the administrator to specify a list of attributes to look for in the subject string to use as CN. 4. Add an option to use the entire DN instead of only part of it to name the client. 5. Allow an external script or plugin to set OpenVPN's idea of the CN based on the client certificate (or just the subject string) and/or the username. Thanks Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Just because nobody complains doesn’t mean all parachutes are perfect. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#580899: Please support certificates where a CN attribute is not part of the subject DN
On Sun, May 09, 2010 at 07:37:50PM +0200, Andras Korn wrote: VERIFY ERROR: could not extract Common Name from X509 subject string ('/UID=someuser/OU=People/DC=somedomain/DC=tld') -- note that the Common Name length is limited to 64 characters This was a mistake; the DN in an X.509 certificate is read from left to right, not right to left (but this is irrelevant as far as the original wishlist report is concerned). However, it just occurred to me that it may make sense to force the username (in username+password authentication) to be either the uid/cn from the certificate subject, or the entire DN. This would strengthen double authentication in that it wouldn't be sufficient to know _a_ username/password pair and obtain _a_ valid certificate; it'd be necessary for the client to know the current password of the exact user whose certificate it is using to connect. I suppose external verify scripts can already be used to do this though. -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ I couldn't repair your brakes, so I made your horn louder. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575228: Please support passing arguments or variables to {pre,post}{,dis}connection scripts
Package: wicd-daemon Severity: normal Hi, I'm pretty certain this used to work at some point, maybe early 2009, but was then fixed; hence the severity. I have a script called netconfig that takes a parameter and sets up some local things based on that parameter. I'd like wicd to pass it a command line argument, but can't seem to do so; the entire command line is treated as the name of the script, including spaces. Neither does wicd appear to pass in any meaningful environment variables. I can think of a number of workarounds, but the best would be for wicd to just spawn a shell to evaluate the command line pertaining to the script, so that word splitting would be performed automatically. I don't think people commonly use scripts that have spaces in their names, so this would be less of a violation of the Principle of Least Surprise. Cheers, Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Most car accidents involve people with driver's licenses, so I tore mine up. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575228: Please support passing arguments or variables to {pre,post}{,dis}connection scripts
On Wed, Mar 24, 2010 at 01:29:30PM +0100, David Paleino wrote: Hi, To the wired scripts, wired is passed (three times, just for compatibility with the wireless ones, even though I disagree with upstream on this, but have found no sufficient motivation to patch it), i.e. if you put netconfig as a pre/post connection/disconnection script, it will be called as: $ netconfig wired wired wired To the wireless scripts, WICD passes wireless, the ESSID and the BSSID, i.e.: $ netconfig wireless my-wlan 00:11:22:33:44:55 I'm afraid that's not quite good enough (it's only good enough for a workaround). You see, my netconfig script does several things like this one: #!/bin/zsh cd /etc { echo Fixing resolv.conf... [[ -L resolv.conf ]] [[ -e resolv.conf-$1 ]] { rm resolv.conf ln -s resolv.conf-$1 resolv.conf } } $1 is supposed to be the same for a specific set of wireless networks and different for others. I could of course make the script more complex (add a key lookup), or have more resolv.conf-* files that are identical; but I think the best would be to be able to pass a custom command line argument to the netconfig script from wicd. I'm fine with it being the fourth argument. Maybe we could mangle this bug appropriately to make it a documentation-bug. Not just yet. :) -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Never agree with me, it shakes my self-confidence. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570929: Hungarian locale: zs is treated as a single letter, with undesirable consequences
Package: locales Version: 2.10.2-6 Severity: normal Hi, in Hungarian, zs (as well as sz, cs, ty, dz, dzs, gy and ly) are said to be part of the alphabet and each combination is considered to be a single letter; however, they are represented by two or more characters; there aren't single glyphs for them. zs in particular is causing trouble for grep: % echo zs | LANG=C grep '^[^a-z]*$' % echo zs | LANG=hu_HU.UTF-8 grep '^[^a-z]*$' zs It's possible to come up with expressions that lead to similarly unexpected results for the other multi-char letters as well, but these don't occur frequently: % echo ty | LANG=C grep '^[s-u]*$' % echo ty | LANG=hu_HU.UTF-8 grep '^[s-u]*$' ty This is undesirable and dumb, for several reasons: 1. grep has no way of knowing whether a zs sequence is a single letter or two letters, because the combination can occur in compound words without becoming a zs letter; for example, in fúvószenekar (fúvós + zenekar), it's simply an s and a z letter next to each other. There may even exist words that make (a different) sense either way, but I can't think of any right now. 2. zs is the last letter of the Hungarian alphabet; therefore, no sane character range in a regular expression can include it ([a-zs] would be ambiguous because there isn't a zs glyph). zs and the other multi-char letters play an important role in sorting (zs has to be sorted after za and so on), but please can we treat them as two characters in all other contexts? I can also make a socio-ergonomic point: I think most people who deal with regular expressions don't expect Hungarian multi-character letters to be treated as single characters in regular expressions, whether they are Hungarian or not. Andras -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32.7-vs2.3.0.36.28-hellgate (SMP w/3 CPU cores; PREEMPT) Locale: LANG=C, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages locales depends on: ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii libc6 [glibc-2.10-1] 2.10.2-2 GNU C Library: Shared libraries locales recommends no packages. locales suggests no packages. -- debconf information: * locales/default_environment_locale: None * locales/locales_to_be_generated: en_GB ISO-8859-1, en_GB.ISO-8859-15 ISO-8859-15, en_GB.UTF-8 UTF-8, en_US ISO-8859-1, en_US.ISO-8859-15 ISO-8859-15, en_US.UTF-8 UTF-8, hu_HU ISO-8859-2, hu_HU.UTF-8 UTF-8 -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ A stitch in time would have confused Einstein. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570929: Hungarian locale: zs is treated as a single letter, with undesirable consequences
On Mon, Feb 22, 2010 at 11:07:21AM +0100, Andras Korn wrote: 1. grep has no way of knowing whether a zs sequence is a single letter or two letters, because the combination can occur in compound words without becoming a zs letter; for example, in fúvószenekar (fúvós + zenekar), it's simply an s and a z letter next to each other. There may even exist words that make (a different) sense either way, but I can't think of any right now. Uh, sorry, wrong example (sz instead of zs). Some examples for zs are község, egészség (especially interesting because it contains an sz followed by an s, not an s followed by a zs), gazság etc. 2. zs is the last letter of the Hungarian alphabet; therefore, no sane character range in a regular expression can include it ([a-zs] would be ambiguous because there isn't a zs glyph). It actually gets even more confusing, because grep's behaviour is inconsistent: % echo zs | LANG=hu_HU.UTF-8 grep ^[a-z]*$ zs % echo azsa | LANG=hu_HU.UTF-8 grep ^a.a$ % echo azsa | LANG=hu_HU.UTF-8 grep ^a[^a-z]a$ azsa So is zs a member of the [a-z] class or not? The first attempt matches z and s individually, because zs doesn't match . (as shown in the second example). However, in the last example, zs matches [^a-z], which is also only supposed to match a single character. The problem also affects sed(1) similarly: % echo azsa | LANG=hu_HU.UTF-8 sed -n /^a[^a-z]a$/p azsa Therefore, I believe this is a bug in locales, not grep. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Never say 'OOPS!' Always say 'Ah, Interesting!' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570929: Hungarian locale: zs is treated as a single letter, with undesirable consequences
On Tue, Feb 23, 2010 at 10:29:25PM -0600, Jonathan Nieder wrote: 2. zs is the last letter of the Hungarian alphabet; therefore, no sane character range in a regular expression can include it ([a-zs] would be ambiguous because there isn't a zs glyph). Would [a-[.zs.]] work? ̈́No, because apparently [.zs.] isn't a valid collating element: % echo azsa | LANG=hu_HU.UTF-8 grep ^a[a-[.zs.]]a$ grep: Invalid collation character See http://www.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_03_05 That was helpful, thanks - I didn't know about collating elements in REs. Lots of the behavior of regular expressions in non-C locales is counterintuitive, so it might be helpful to point out if each example violates some rule of the standard or only common sense (both are important, of course). Uh, that standard is too dense for me; I'll pass on that and can only vouch for common sense. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ My new year's resolution is 1920x1080. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#598194: ntfsclone: please support o_direct and different block sizes
Package: ntfsprogs Version: 2.0.0-1+b1 Severity: wishlist Hi, I think it may help speed up ntfsclone if it could read with block sizes other than 4k and if direct i/o could optionally be used. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Múltkor is pixeles volt az ég alja, esett is másnap. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#598195: ntfsclone: please support cloning to multiple destinations
Package: ntfsprogs Version: 2.0.0-1+b1 Severity: wishlist Hi, it'd be great to be able to use ntfsclone to mass-clone ntfs images, writing to several disks simultaneously. I suppose I could do this using tee(1) and sending the image to stdout, but I still think this feature could be sensibly incorporated into ntfsclone itself (especially coupled with o_direct support). Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Get married and share the problems you didn't know you had. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601813: Please provide a more friendly/useful message instead of Warning: The resulting partition is not properly aligned for best performance.
Package: parted Version: 2.3-2 Severity: wishlist Tags: upstream Hi, I'm attempting to create a partition on a disk with a GPT. I have a partition that ends at sector 501535; that was apparently fine performance-wise, because parted printed no warning. Now I would like to create a new partition, starting from sector 501536, but parted tells me that's not optimal. It doesn't tell me what _would_ be optimal, even though it could. Seeing that I started parted with -a optimal, which supposedly automatically aligns partitions optimally, it'd be great if it could at least tell me what the nearest optimal sector to the one I chose is. The only workaround I found was to switch to some unit larger than sectors, which resulted in the beginning of the new partition to be shifted forward by 224. Please either print the suggested optimal value or even offer to use that instead of what the user supplied. Thanks. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ Feet smell? Nose runs? Hey, you're upside down! -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#270099: getfacl doesn't show setuid/setgid/sticky bits
Hi, I just tried what Markus Steinborn tried and it seems to work for me (i.e. the setuid bit isn't lost): # ls -l passwd -rwsr-xr-x 1 root root 43280 Sep 26 15:59 passwd* # cat passwd.acl # file: passwd # owner: root # group: root # flags: s-- user::rwx group::r-x other::r-x # setfacl --restore passwd.acl # ls -l passwd -rwsr-xr-x 1 root root 43280 Sep 26 15:59 passwd* I'm using acl version 2.2.49-4, fwiw. I believe this bug is fixed. Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ The flesh was willing but the grass was wet. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#520309: 'force group' still broken in 3.3.2
Package: samba Version: 2:3.3.2-1 Severity: normal Hi, I have a samba pdc that uses an ldapsam backend. Everything seems to work, with the expection of the following share: [store] path = /store hide unreadable = yes csc policy = disable force group = +Power Users inherit acls = true volume = STORE create mask = 0666 directory mask = 0777 When I connect to this share from either smbclient or Windows on a domain workstation, the connection is denied and samba logs make_connection: connection to store denied due to security descriptor. If I comment out force group, connections succeed. The users I tested with were members of power users, but I also tested with just force group = username (the name of the actual user), which should have had no effect for that user as his primary gid was already his own usergroup. But the connection was denied even so. The [global] section of my smb.conf reads as follows: [global] dos charset = CP852 display charset = UTF-8 workgroup = KORN netbios name = PDC server string = PDC auth methods = guest sam update encrypted = Yes obey pam restrictions = Yes passdb backend = ldapsam:ldap://192.168.0.99/ pam password change = Yes passwd chat debug = Yes log level = 1 debug class = yes debug prefix timestamp = yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 min protocol = LANMAN1 announce version = 9.9 name resolve order = lmhosts host wins bcast time server = Yes deadtime = 1440 max smbd processes = 30 socket options = SO_KEEPALIVE IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 hostname lookups = Yes add machine script = /usr/local/sbin/add-machine %u logon script = %u.cmd logon path = logon drive = N: logon home = \\%L\%u\profile domain logons = Yes os level = 255 preferred master = Yes domain master = Yes ldap admin dn = cn=admin,dc=intra ldap group suffix = ou=Group ldap idmap suffix = ou=idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap user suffix = ou=People ldap suffix = dc=intra,dc=guy ldap ssl = no panic action = /usr/share/samba/panic-action %d ldapsam:trusted = yes ldapsam:editposix = yes admin users = root, Administrator hosts allow = 192.168.0.0/24, 127.0.0.0/8 profile acls = Yes use sendfile = Yes hide dot files = No map archive = No algorithmic rid base = 10 unix password sync = yes client ntlmv2 auth = yes acl group control = yes force unknown acl user = yes smb ports = 445 139 min receivefile size = 32k disable netbios = no reset on zero vc = yes ea support = yes map acl inherit = yes server signing = auto printcap name = cups printing = cups cups options = raw mangle prefix = 3 hide special files = yes map read only = permissions wins support = yes preload = guy utmp = yes delete readonly = yes dos filemode = yes Andras -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.28.5-vs2.3.0.36.7 Locale: LANG=C, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: He who laughs, lasts. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#512437: 32bit nscd can't serve 64bit clients
Package: nscd Version: 2.7-18 Severity: normal Hi, due to complicated circumstances it is perhaps not important to go into here, I have an nscd instance, compiled for i386, that should serve a mix of i386 and amd64 clients over the same unix domain socket (imagine, for example, chroots with different architectures). Apparently, some structure is aligned in an unfortunate way or maybe missing a 'packed' attribute; while 32bit clients can query nscd fine, queries from 64bit clients fail. I have obtained straces of the two kinds of behaviour. Good (i386 client): connect(3, {sa_family=AF_FILE, path=/var/run/nscd/socket...}, 110) = 0 send(3, \x02\x00\x00\x00\x0b\x00\x00\x00\x07\x00\x00\x00\x70\x61\x73\x73\x77\x64\x00..., 19, MSG_NOSIGNAL) = 19 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=3, revents=POLLIN|POLLHUP}]) recvmsg(3, {msg_name(0)=NULL, msg_iov(2)=[{\x70\x61\x73\x73\x77\x64\x00..., 7}, {\xb8\x4f\x03\x00\x00\x00\x00\x00..., 8}], msg_controllen=16, {cmsg_len=16, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {4}}, msg_flags=0}, MSG_CMSG_CLOEXEC) = 15 mmap2(NULL, 217016, PROT_READ, MAP_SHARED, 4, 0) = 0xf7d8a000 close(4)= 0 close(3)= 0 fstat64(1, {st_dev=makedev(0, 10), st_ino=22, st_mode=S_IFCHR|0620, st_nlink=1, st_uid=0, st_gid=5, st_blksize=1024, st_blocks=0, st_rdev=makedev(136, 20), st_atime=2009/01/20-18:46:57, st_mtime=2009/01/20-18:46:57, st_ctime=2009/01/20-18:31:00}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf7f06000 write(1, foobar:x:1061:1061:foo bar:/home/foobar:/bin/bash\n..., 55) = 55 exit_group(0) = ? Bad (amd64 client): connect(3, {sa_family=AF_FILE, path=/var/run/nscd/socket...}, 110) = 0 sendto(3, \x02\x00\x00\x00\x0b\x00\x00\x00\x07\x00\x00\x00\x70\x61\x73\x73\x77\x64\x00..., 19, MSG_NOSIGNAL, NULL, 0) = 19 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=3, revents=POLLIN|POLLHUP}]) recvmsg(3, {msg_name(0)=NULL, msg_iov(2)=[{\x70\x61\x73\x73\x77\x64\x00..., 7}, {\xb8\x4f\x03\x00\x00\x00\x00\x00..., 8}], msg_controllen=24, {cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {4}}, msg_flags=0}, MSG_CMSG_CLOEXEC) = 15 mmap(NULL, 217016, PROT_READ, MAP_SHARED, 4, 0) = 0x2ac05280d000 close(4)= 0 close(3)= 0 exit_group(2) = ? I imagine the problem may be related to msg_controllen=16, {cmsg_len=16, cmsg_level=SOL_SOCKET, ... vs. msg_controllen=24, {cmsg_len=20, cmsg_level=SOL_SOCKET, ... It would be great not to have to run two instances of nscd that both cache the same backend. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 Kernel: Linux 2.6.22.19-vs2.2.0.7-stop Locale: LANG=C, LC_CTYPE=C Shell: /bin/sh linked to /bin/bash Best regards, Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: All generalizations are false (incl. this one) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#372746: Any news?
Hi, did you hear anything from Patrick? If not, maybe you could just include my patch in the version of and shipped by Debian? It's a trivial and non-intrusive patch, after all, that adds a simple but very useful feature... This would still allow Patrick to accept the patch at some point in the future, if and when he has time. Thanks Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Ha a recsegesek lathatok is, akkor az televizio. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#520309: [Pkg-samba-maint] Bug#520309: 'force group' still broken in 3.3.2
On Thu, Mar 19, 2009 at 08:41:12AM +0100, Christian Perrier wrote: Hi, (second attempts.your mail server is apparently blacklisting my ISP mail server...which is quite silly) Hmmm, strange; I didn't see it in the log (and according to the BTS, your first message was delivered by the same 88.169.112.155 as the second, which I did receive). Anyway. When I connect to this share from either smbclient or Windows on a domain workstation, the connection is denied and samba logs make_connection: connection to store denied due to security descriptor. If I comment out force group, connections succeed. Could you get a level 3 debug log of such a failed attempt ? Sure, sorry about not attaching it right away. I'm including a log with a failure and one with a success (without force group). Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: I was once thrown out of a mental hospital for depressing the other patients. [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 2] smbldap_open_connection: connection opened [2009/03/19 22:10:50, 3] ldap_connect_system: successful connection to the LDAP server [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3, class=auth] check_ntlm_password: Checking password for unmapped user [intra]\[g...@[hellgate] with the new password interface [2009/03/19 22:10:50, 3, class=auth] check_ntlm_password: mapped user is: [korn]\[g...@[hellgate] [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 2, class=passdb] init_sam_from_ldap: Entry found for user: guy [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3, class=passdb] primary group of [guy] not found [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3, class=auth] check_ntlm_password: sam authentication for user [guy] succeeded [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 2, class=auth] check_ntlm_password: authentication for user [guy] - [guy] - [guy] succeeded [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 2, class=passdb] init_group_from_ldap: Entry found for group: 210 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 2, class=passdb] init_group_from_ldap: Entry found for group: 100 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/03/19 22:10:50, 3] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/03/19 22:10:50, 3] get_privileges: No privileges assigned to SID [S-1-5-21-655183313-499555889
Bug#521232: Please provide options to run in foreground
Package: courier-mta Version: 0.61.2-1 Severity: wishlist Hi, I'd like to run all components of courier under runit (which is a System V init replacement and/or a service management package). Some context: Runit avoids many problems related to daemonised processes (mostly the pid guessing game and unnecessary complexity in initscripts) by keeping daemons in the foreground, each running as the child of a 'runsv' process that manages its child. Each service has a so-called 'run' script that's started by the runsv process and that's responsible for setting up the initial environment of the service, then exec the service so that the process which started out as the shell running the run script doesn't exit as long as the service doesn't. The runsv process can then be told to send signals to the service or to automatically restart it when it exits. Logging is also provided: runsv can open a pipe between the stdout of the run script and the stdin of a logging process. This has advantages and disadvantages compared to the traditional syslog approach which I won't go into here. The point is, all this works beautifully with courier-imap and courier-authdaemon; it also appears to work with courierd itself, with the following 'run' script: --- snip --- #!/bin/sh exec 21 set -a . /etc/courier/courierd exec /usr/lib/courier/courier/courierd --- snip --- (I'm not yet sure what happens to courierd's log messages in this case.) However, I couldn't find a way to start courierfilter so that it stays in the foreground and preferably logs errors to stdout or stderr. Looking at the source, I get the impression that the program goes out of its way to daemonise and start a separate logging process, neither of which can apparently be disabled. Unfortunately I don't have what it takes to plough through liblock and implement a clean solution for staying in the foreground and logging to stderr, so I'm sending this wishlist report instead. Ideally, there should probably be a command line option or an envvar that disables daemonisation and another one that causes log messages to go to stderr, but for me and other users of similar init replacements a single option that does both would suffice. People wanting to use daemontools or freedt with courier would face the same issue, as would those who'd like to start courierfilter from inittab for whatever reason. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Can February March? No, but April May... -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#521232: Please provide options to run in foreground
On Thu, Mar 26, 2009 at 08:25:28AM +0100, Stefan Hornburg wrote: Hi, I'd like to run all components of courier under runit (which is a System V init replacement and/or a service management package). That's fine, but please bring this up on the courier mailinglist. There are the guys who know much more about courierfilter et al than me. OK, I did (I thought maybe there was some BTS somewhere that I just didn't find oslt). Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Ajtostul rontok a szadba! -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#520309: [Pkg-samba-maint] Bug#520309: Bug#520309: 'force group' still broken in 3.3.2
On Sun, Mar 29, 2009 at 11:07:58AM +0200, Christian Perrier wrote: Hi, I finally took time to report this upstream with all information you provided. Thanks for your cooperation. It would be good if you could follow upstream bug so that you can provide more information if they need it, avoiding me or other samba maintainers to act as proxies. OK, thanks, will do. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Dyslexics of the world...UNTIE! -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#588965: Please add support for replacing a failing but still usable drive with a spare without marking the first drive as failed
Package: mdadm Version: 3.1.2-2 Severity: wishlist Tags: upstream Hi, Especially in the case of RAID5 arrays it would often be life-saving to be able to activate a hot-spare and prepare to replace a live drive with it, without marking that drive as failed first. Consider the following scenario. Let's say we have a RAID5 array composed of sdb, sdc and sdd, with sde added as a spare (i.e. 3 active drives). sdc starts to noticeably fail. Unknown to the user, sdd also has developed a bad sector. The user marks sdc as failed and waits for sde to be synced; however, during the resync, the system hits the bad sector on sdd, causing sdd to also be marked as failed, the resync to fail and the array to become unusable. (The same can happen if an intermittent bit error occurs during the resync operation.) The algorithm I'd like to see implemented would work as follows: sdc starts to noticeably fail. The user marks it for replacement. sde is activated and the system copies everything from sdc to sde, using the redundancy provided by the other drives if/when necessary. Temporarily, while this operation is in progress, sdc and sde are both active and in the same slot; any writes that hit the array get committed to both. When sde is completely up to date, sdc gets deactivated and marked as failed. The bad sector on sdd doesn't compromise our ability to sync the hotspare. At this point, another spare could be added, sdd marked for replacement, and so on. I realise this also requires changes to the kernel. Apologies if it's already planned; I haven't seen it discussed anywhere. Best regards, Andras -- Andras Korn korn at elan.rulez.org - http://chardonnay.math.bme.hu/~korn/ All that glitters may not be gold, but it sure has a high refractive index. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#510004: subversion: SSL/TLS support for svnserve
Doesn't the SASL support take care of this? It doesn't - as I understand it, SASL won't authenticate the server to the client and won't encrypt the traffic either. It's just a way for the server to authenticate the client. I would also welcome ssl/tls support in svnserve (and the client). Andras -- Andras Korn korn at elan.rulez.org Man is the best computer we can put aboard a spacecraft... and the only one that can be mass produced with unskilled labour. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#637646: New upstream release 3.1.0 available
Package: mldonkey-server Version: 3.0.7-2 Severity: wishlist Hi, http://sourceforge.net/news/?group_id=156414id=302714 * MLDonkey: New release 3.1.0 Bittorrent: DHT support small fixes 2011-08-10 17:35:14 UTC by spiralvoice Having DHT support would be nice. When are you planning to package the new version? Thanks -- Andras Korn korn at elan.rulez.org My sun-dial is slow. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#638605: runit: chpst fails to change uid not listed in /etc/passwd
Hi, FWIW, I use the following workaround to this problem: #!/bin/sh [...] RUNASUID=$(getent passwd $RUNASUSER | cut -d: -f3) RUNASGROUPS=$(id -G $RUNASUSER | tr ' ' ':') [...] exec chpst -u :$RUNASUID:$RUNASGROUPS [...] HTH. Andras -- Andras Korn korn at elan.rulez.org Constant change is here to stay. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#678985: Please consider including attached start-stop-daemon.runit script
Package: runit Version: 2.1.1-6.2 Severity: wishlist Tags: patch Hi, Since the release of 2.88dsf-23 of sysv-rc, dependency based boot ordering is mandatory in Debian; however, insserv fails to recognise symlinks to /usr/bin/sv as valid initscripts. This makes using runit unnecessarily painful; to ease the pain, I wrote a pretty complete start-stop-daemon wrapper for runit (alas, in zsh). Diverting /sbin/start-stop-daemon to /sbin/start-stop-daemon.real and using this script, conventional initscripts continue to work. My script determines whether it should pass the call through to the real start-stop-daemon or to use sv(8) to manage a runit service. While it's a bit of a kludge, it appears to work fairly well. An important drawback is that it needs to be adapted each time the semantics of start-stop-daemon change, but maybe that doesn't happen so often. The script uses few zsh-specific features; a determined person should be able to modify it to run in bash or even plain sh relatively easily (but I have no time/interest to do so myself). The script is licensed under the GPL v3, with the special exception that permission is granted to include it in the runit package and license it to users of the runit package under the same license as the rest of the package. Work on the script was sponsored by CAE Engineering Kft. Best regards, Andras -- Andras Korn korn at elan.rulez.org All that glitters may not be gold, but it sure has a high refractive index. #!/bin/zsh # # This script is intended to wrap start-stop-daemon. It will call the # original start-stop-daemon with the supplied arguments unless the daemon # to be started appears to exist as a runit service, in which case it will # map the start-stop-daemon call to an sv(8) call. # # If called by non-root user, fall back to original start-stop-daemon # unconditionally [[ $UID -gt 0 ]] exec /sbin/start-stop-daemon.real $@ set -A args $@ SVDIR=${SVDIR:-/etc/service} unset mode signal exec timeout startas testmode oknodo quiet verbose command svstat oknodo=0 quiet=0 while [[ -n $1 ]]; do case $1 in -S|--start) mode=start ;; -K|--stop) mode=stop ;; -T|--status) mode=status ;; -H|--help|-V|--version) exec /sbin/start-stop-daemon.real $args ;; -x|--exec) shift exec=$1 ;; -s|--signal) shift signal=$1 ;; --signal=*) signal=${1/--signal=/} ;; -R|--retry) shift timeout=$1 ;; --retry=*) timeout=${1/--retry=/} ;; -a|--startas) shift startas=$1 ;; -t|--test) testmode=1 ;; -o|--oknodo) oknodo=1 ;; -q|--quiet) quiet=1 exec /dev/null ;; -v|--verbose) verbose=1 ;; -p|--pidfile|-n|--name|-u|--user|-g|--group|-r|--chroot|-d|--chdir|-N|--nicelevel|-P|--procsched|-I|--iosched|-k|--umask|-m|--make-pidfile) # ignored shift ;; --pidfile=*|-b|--background|--nicelevel=*|--procsched=*|--iosched=*|--umask=*) ;; --) # What follows is args to the daemon. Avoid parsing # those accidentally. break ;; *) # Assume the previous was the last option; the rest # is the name of the daemon plus args, of which we # only care about the daemon. command=$1 break ;; esac shift done # Try to infer runit service name. If our parent is an initscript, use its # basename read foo script foo /proc/$PPID/cmdline if [[ ${script:h} = /etc/init.d ]]; then svname=${script:t} elif [[ ${$(readlink -f /proc/$PPID/exe):h} = /etc/init.d ]]; then read svname /proc/$PPID/comm fi # if not, try other heuristics svnames=($startas $exec $command) while ! [[ -d $SVDIR/$svname/supervise/. ]] [[ -n $svnames[1] ]]; do svname=${svnames[1]:t
Bug#678985: Please consider including attached start-stop-daemon.runit script
Hi, I fixed two bugs in the script and am attaching the fixed version. Fixed bugs: * No longer assume name of parent initscript is 2nd word of /proc/$PPID/cmdline. * When sending a service the kill signal, issue sv d servicename first because initscripts assume that the service will be down after a kill. Andras -- Andras Korn korn at elan.rulez.org There is no spoon(). Only a fork(). #!/bin/zsh # # This script is intended to wrap start-stop-daemon. It will call the # original start-stop-daemon with the supplied arguments unless the daemon # to be started appears to exist as a runit service, in which case it will # map the start-stop-daemon call to an sv(8) call. # # If called by non-root user, fall back to original start-stop-daemon # unconditionally [[ $UID -gt 0 ]] exec /sbin/start-stop-daemon.real $@ set -A args $@ SVDIR=${SVDIR:-/etc/service} unset mode signal exec timeout startas testmode oknodo quiet verbose command svstat oknodo=0 quiet=0 while [[ -n $1 ]]; do case $1 in -S|--start) mode=start ;; -K|--stop) mode=stop ;; -T|--status) mode=status ;; -H|--help|-V|--version) exec /sbin/start-stop-daemon.real $args ;; -x|--exec) shift exec=$1 ;; -s|--signal) shift signal=$1 ;; --signal=*) signal=${1/--signal=/} ;; -R|--retry) shift timeout=$1 ;; --retry=*) timeout=${1/--retry=/} ;; -a|--startas) shift startas=$1 ;; -t|--test) testmode=1 ;; -o|--oknodo) oknodo=1 ;; -q|--quiet) quiet=1 exec /dev/null ;; -v|--verbose) verbose=1 ;; -p|--pidfile|-n|--name|-u|--user|-g|--group|-r|--chroot|-d|--chdir|-N|--nicelevel|-P|--procsched|-I|--iosched|-k|--umask|-m|--make-pidfile) # ignored shift ;; --pidfile=*|-b|--background|--nicelevel=*|--procsched=*|--iosched=*|--umask=*) ;; --) # What follows is args to the daemon. Avoid parsing # those accidentally. break ;; *) # Assume the previous was the last option; the rest # is the name of the daemon plus args, of which we # only care about the daemon. command=$1 break ;; esac shift done # Try to infer runit service name. If our parent is an initscript, use its # basename read -A cmdline /proc/$PPID/cmdline while [[ -n $cmdline[1] ]]; do if [[ ${cmdline[1]:h} = /etc/init.d ]]; then svname=${cmdline[1]:t} break fi shift cmdline done if [[ -z $svname ]] [[ ${$(readlink -f /proc/$PPID/exe):h} = /etc/init.d ]]; then read svname /proc/$PPID/comm fi # if not, try other heuristics svnames=($startas $exec $command) while ! [[ -d $SVDIR/$svname/supervise/. ]] [[ -n $svnames[1] ]]; do svname=${svnames[1]:t} shift svnames done # if runit service doesn't exist, call real start-stop-daemon. if ! [[ -d $SVDIR/$svname/supervise/. ]] || [[ -z $svname ]]; then exec /sbin/start-stop-daemon.real $args fi # otherwise, do what we've been asked to [[ $quiet = 0 ]] [[ $verbose = 1 ]] echo start-stop-daemon.runit: will act on $svname service. 2 function sendsig() { case $signal in HUP|1) sv hup $svname ;; INT|2) sv interrupt $svname ;; QUIT|3) sv quit $svname ;; KILL|9) sv d $svname sv kill $svname ;; USR1|10) sv 1 $svname ;; USR2|12) sv 2
Bug#674562: Please include/apply http://www.skarnet.org/software/djbdns-fwdzone/djbdns-1.04-fwdzone.patch
Package: dbndns Version: 1:1.05-8 Severity: wishlist Tags: patch Hi, the patch at http://www.skarnet.org/software/djbdns-fwdzone/djbdns-1.04-fwdzone.patch allows dnscache to issue recursive queries to the servers of some domains while issuing iterative queries for others (effectively making the behaviour of FORWARDONLY domain-based). The patch itself is fairly trivial; however, it removes support for FORWARDONLY (to get that behaviour you have to chmod +t root/servers/@), so that users should be warned on upgrading. The patch needs minor massaging to apply after the ipv6 patch (s/64/256/ in 2-3 places; s/\[4\]/[16]/ in one place). Thanks Andras -- Andras Korn korn at elan.rulez.org I'm in a class by myself. Everyone else graduated. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#644401: trac: Translations are missing
Package: trac Version: 0.12.2-1 Followup-For: Bug #644401 Hi, the problem seems to be a missing Build-Depends on python-babel. I rebuilt the package with Babel installed (changing nothing else), and localisation magically started working. -- Andras Korn korn at elan.rulez.org Bugs come in through open Windows. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org