>>>>> "Thomas" == Thomas Schmitt <scdbac...@gmx.net> writes:
Thomas> Hi,
Thomas> Sam Hartman wrote:
>> Why do we care if it mounts on a third mac?
Thomas> I care in my role as upstream of xorriso.
OK.
I'd ask that when interactin
Why does mountability matter anyway?
The interesting question is whether it boots on the target system,
right? Why do we care if it mounts on a third mac?
Dear Matthias:
Hi. As I understand our IRC conversation, you asked me to keep the TC
bug regarding mips binutils open even after your upload.
First, I want to confirm that understanding.
Second, what are you hoping for from the TC at this point? I think
you've resolved the issue that came to
I posted this to the wrong bug, now reposting:
Dear Matthias:
Hi. As I understand our IRC conversation, you asked me to keep the TC
bug regarding mips binutils open even after your upload.
First, I want to confirm that understanding.
Second, what are you hoping for from the TC at this point?
>1) The TC volunteers to be the Roadmap team
>2) The TC volunteers to be part of the regular workflow of the
>Roadmap team, as an advisory body.
>3) The TC shouldn't be part of the regular workflow of the Roadmap team.
>We will always be available for escalations, as usual.
>4) Further
Do you have _kerberos._tcp DNS entries along with the _kerberos._udp
entries?
Does that help if not?
So, your experience is that with _kerberos._tcp entries but no
_kerberos._udp entries it works.
However, with _kerberos._udp and _kerberos._tcp entries both, it fails?
If so, that's a bug.
With modern (say post Windows XP), I'd imagine that TCP only will be
fine.
However, if adding the UDP
>>>>> "Sam" == Sam Hartman <hartm...@debian.org> writes:
>> 1) The TC volunteers to be the Roadmap team 2) The TC volunteers
>> to be part of the regular workflow of the Roadmap team, as an
>> advisory body. 3) The TC shouldn't be p
package: gitlab-ci-multi-runner
version: 1.4.2+dfsg-1
severity: important
Hi.
If a job includes a cache, then it appears that the initial working
directory is some directory inside the cache, *not* the top of the
project directory.
In trying to diagnose build failures I produced the following
>>>>> "Stephan" == Stephan Sürken <abs...@debian.org> writes:
Stephan> Hi Sam,
Stephan> On Di, 2016-08-30 at 21:27 -0400, Sam Hartman wrote:
>> package: mini-buildd version: 1.0.12 severity: normal
>>
>> reprepro 4.1
>>>>> "Dmitry" == Dmitry Smirnov <only...@debian.org> writes:
Dmitry> On Friday, 2 September 2016 10:01:14 AM AEST Sam Hartman wrote:
>> If a job includes a cache, then it appears that the initial
>> working directory is some di
> "Raphael" == Raphael Hertzog writes:
Raphael> It would seem natural to orphan it and to let the new
Raphael> maintainer deal with updating it to version 3.x.
I think 3.x is likely to be new packaging and entirely breaks
compatibility with the 2.x config.
If we
> "Lucas" == Lucas Nussbaum writes:
Lucas> Hi,
Lucas> During a rebuild of all packages in sid, your package failed
Lucas> to build on amd64.
Lucas> Relevant part (hopefully):
>> fakeroot debian/rules binary ./genblob >tmp & tmp config-blob
>>
package: mini-buildd
version: 1.0.12
severity: normal
reprepro 4.17.1-1
The CI on our source control runs
sbuild -d sid-hadron-snapshot --arch-all --source .
Producing a changes file that includes binaries and sources.
If that succeeds in passing some tests, we upload to mini-buildd.
I
package: sbuild
version: 0.70.0
severity: normal
what happened:
$ sbuild --source --no-arch-any --no-arch-all -c unstable -d
sid-hadron-snapshot .
dh clean
dh_testdir
dh_auto_clean
dh_clean
dpkg-source: info: using source format '3.0 (native)'
dpkg-source: info: building hadron-ci in
> "Josip" == Josip Rodin writes:
Josip> On Tue, Aug 30, 2016 at 11:20:50AM +0200, Raphael Hertzog wrote:
>> Josip, do you really still care about this package?
Josip> I'm pretty sure I told Sam to take it over a few years
Josip> back...?
O, if
> "Raphael" == Raphael Hertzog writes:
Raphael> On Thu, 14 Jul 2016 22:09:52 + Santiago Vila
wrote:
>> I have the ok from the Release Managers to consider this issue as
>> RC for stretch. I'm going to wait at least one week before
package: mini-buildd
version: 1.0.12
severity: normal
I uploaded the source of an arch all package (no arch any in the
resulting build) and got:
2016-08-30 22:06:57,398 mini_buildd.packager (0039): ERROR :
Exceptio\
n DEBUG (Package 'hadron-ci_0.2' FAILED: 1 mandatory architecture(s)
package: tech-ctte
In #741573, the TC produced a two-part decision.
We approved specific wording regarding .desktop policy. That was folded
into a policy NMU.
We also approved the decision that packages should not include both a
menu file and a desktop file.
The action to draft language for
Obviously, there's a level at which I agree with you.
When this came around last time, I wanted us to issue advice.
The advice I wanted to issue isn't the advice you wished we issued, but
it would have at least been advice.
However, I was the only one on the TC who wanted to touch the issue.
It
>>>>> "Sam" == Sam Hartman <hartm...@debian.org> writes:
Sam> Obviously, there's a level at which I agree with you. When
Sam> this came around last time, I wanted us to issue advice.
This was something I intended to send to Ian privately, n
> "Didier" == Didier 'OdyX' Raboud writes:
Again, I'm fine with your current ballot.
As stated, I don't think the TC should (and am skeptical of can) decide
on the DFSG-freeness of a package directly.
We could mediate, but it's clear we don't want to here.
I do think there
I'd be willing to vote on the ballot you propose.
I disagree with your rationale for why this bug is not for the TC to
decide.
But I agree that this bug is not for the TC to decide at this time.
So, if that's all we're voting on, and I don't need to agree with your
rationale to vote C, I'm fine
Dear joseph:
This message will be hurried: I'm on a train and approaching my stop.
Thanks for your detailed message. I don't agree with all of it, but I
find it a lot easier to interact with than some of the requests we've
gotten related to this issue.
Here are some factors to consider:
1)
Dear Pirate:
I hear that you're fairly frustrated by the response you're getting from
the TC.
Speaking as someone who has read extensively the earlier bug log, I
think that your cause would be advanced by getting an additional primary
advocate who has a better understanding of what the TC can
So, I can see a couple of easy fixes:
1) have _uploaders be a class variable rather than an instance variable
or
2) store a list ofweakrefs to extant demon objects
then provide a class method to invalidate all the uploaders caches.
> "Xavier" == Xavier Bestel writes:
Xavier> Le mardi 20 septembre 2016 à 19:38 +0200, Moritz Mühlenhoff
Xavier> a écrit :
>> On Mon, Aug 22, 2016 at 12:02:59PM +0200, Xavier Bestel wrote:
>> >
>> > Package: wnpp > Severity: wishlist
>> >
package: mini-buildd
version: 1.0.12
Hi.
I'd expect that if I change the extra keyrings configuration in the
repository, and then prepare/check/activate the repository, then any new
uploaders would be able to upload.
I've found that I need to restart the demon (I used systemctl, although
> "Bart" == Bart Schouten writes:
>> I agree on this too. To the extent it should be considered
>> time-limited, it should be «until N releases after sysvinit is
>> removed» or somesuch, if that happens.
Bart> In legal terms, in law, it would be
Ian, quick question for you because you might know the answer off the
top of your head. Does running stretch with sysvinit as your init
system work reasonably well, or at least work well enough that there are
a small number of bugs we will likely be able to fix in the stretch time
frame? What I
package: debian-policy
severity: normal
Hi. As part of reviewing an issue for the technical committee, I just
read policy section 9.3 in its entirety.
Section 9.3.1 really seems to be showing its age. That section covers
runlevels and the sequencing numbers after S and K in rc.d links without
>>>>> "Ian" == Ian Jackson <ijack...@chiark.greenend.org.uk> writes:
Ian> Sam Hartman writes ("Re: Bug#835507: Please clarify that
Ian> sysvinit support decision is not going to expire"):
>> Ian, quick question for you because you
>>>>> "Ansgar" == Ansgar Burchardt <ans...@debian.org> writes:
Ansgar> On Fri, 26 Aug 2016 08:50:13 -0400 Sam Hartman wrote:
>> I think we want to reaffirm that policy section 9.3.2 and section
Ansgar> 9.3.3
>> represent curr
control: severity -1 important
justification: As maintainer, I'd like to consider this issue
important. If not promptly resolved, it will create an operational
inconvenience on an ongoing basis for years.
--Sam
Jeff, I've just uploaded kerberos configs 2.6.
If you delete /etc/krb5.conf and then install krb5-config 2.6 and
confirm that the entry there works for you, I'll fill out paperwork to
request an unblock for stretch.
(I don't think this will make it for the auto migration)
I'm aware of no issue.
I'll look into it; will be packaging 1.15~beta1 soon, and this is almost
certainly a packaging error, not an intentional change.
Or rather, I'm sure the change is not intended; it's alomst certainly
just that the file somehow got dropped.
/ 300- ext4 rw,barrier=0,noatime,errors=remount-ro
tuneopts="-c 0 -i 0"
>From 06a30575b8c473da89a031587debd8f6f350ba6b Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartm...@debian.org>
Date: Mon, 7 Nov 2016 16:41:12 -0500
Subject: [PATCH] Add support for ESP partit
package: fai
version: 5.2
Currently, the sample configuration namespace has a shell script to
restore the common capabilities found in base files; see
scripts/DEBIAN/20-capabilities.
This approach is brittle because as new packages in the base system gain
capabilities, everyone's configuration
control: tags -1 patch
control: severity -1 normal
Actually, the problem is somewhat simpler than that.
>From e4511f8ea11c047bf19f13c7b99d9c18f8736d89 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartm...@debian.org>
Date: Tue, 8 Nov 2016 18:49:38 -0500
Subject: [PATCH] Fix handling
> "Chris" == Chris Leick writes:
Chris> Package: krb5 Version: 1.14.3+dfsg Severity: minor Tags: l10n
Chris> Hi,
Chris> I've seen, that the German translation isn't included in
Chris> version 1.14.3. Is there an issue with the translated file?
>>>>> "Thomas" == Thomas Lange <la...@informatik.uni-koeln.de> writes:
>>>>> On Mon, 07 Nov 2016 17:36:41 -0500, Sam Hartman
>> Currently, the sample configuration namespace has a shell script
>> to restore the common capa
Hi.
Looking at ftar in current fai,
it looks like it already is fairly aggressive about using tar --xattrs
for extraction.
If my reading of the code is correct, this bug should probably be closed
as never having been an issue.
--Sam
> "Thomas" == Thomas Lange writes:
Thomas> Just as a short note. There's the commands fai-deps(8) which
Thomas> can be used to define dependencies inside classes. It's
Thomas> available in FAI but not used (means called) by default.
So does the
3da Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartm...@debian.org>
Date: Tue, 8 Nov 2016 08:42:01 -0500
Subject: [PATCH] Add GRUB_EFI class
Add a class to install an EFI boot loader on a GPT-partitioned system
with an ESP.
Change the class misc logic not to assert GRUB_PC if GRUB_EFI i
> "Thomas" == Thomas Lange writes:
Thomas> I found the thread on the linux-fai mailing list and also
Thomas> the code that added efi support into setup-storage. In the
Thomas> end we remove the code from FAI, since it was not needed any
Thomas>
package: fai
version: 5.2
severity: wishlist.
FAI has a great feature in the class directory that allows a
configuration space to infer classes from things such as the installed
hardware.
This is not currently available from fai-diskimage.
I'd really like to have a feature like that for
Your timing is dreadful.:-)
I just uploaded a new krb5-config and am not 100% sure I'll have time to
get in another one for stretch before the freeze.
I considered dropping the kdc lines and depending on SRV records for
cs.cmu.edu, but decided that you were picky enough that you would have
sent in
Does the e2fsprogs in jessie produce an image that works with syslinux
and vmdebootstrap?
I do understand that the proposed fix is inadequate. You'd need to not
include nobarrier on the esp partition.
However, the performance of vmdebootstrap is really fairly bad compared
to other image creation solutions I've used in the past, and it does
significantly impact the test/development
package: lvm2
version: 2.02.167-1
This bug is opened to document some problems discovered in an IRC
conversation on #debian-devel between Sam Hartman and Bastian Blank
The problem seemed to be that often (although not in all the time in
Sam's experience)
lvcreate --type raid5 -L 128g -n
Hmm.
So, first, the file refers to a modified copy of the Alladin free
public license, from a kit for implementing filesystems.
I'm kind of boggled that someone would start from the Alladin license,
but since I have no idea what modifications they made, I have no idea
whether it's free.
However
To be clear I've contacted upstream off-list and we'll see what we find
in the next few days.
Hi.
I've done some more research.
It turns out that being able to create an ESP partition on a bios disk
label is a lot more useful than I thought it is. In the cloud space
(and when I'm creating an image to be burned onto real hardware)
I tend to resize the partition table and filesystems to
My understanding of the current plan is that we're adding openssl 1.1.0
to unstable, but will make a decision about whether to drop libssl1.0.2
later.
That's really frustrating for the rest of the ecosystem--our users and
our upstreams, and I'd ask the release team to commit now to 1.0.2 being
> "Sebastian" == Sebastian Andrzej Siewior writes:
Sebastian> control: tags -1 patch
Sebastian> On 2016-06-26 12:23:04 [+0200], Kurt Roeckx wrote:
>> OpenSSL 1.1.0 is about to released. During a rebuild of all
>> packages using OpenSSL this package
>>>>> "Sebastian" == Sebastian Andrzej Siewior <sebast...@breakpoint.cc> writes:
Sebastian> On 2016-10-31 11:16:38 [-0400], Sam Hartman wrote:
>> At least one of the clusters of packages I'm involved
>> in--shibboleth and moonshot will re
> "Johannes" == Johannes Schauer writes:
Johannes> Do you know a situation when it would be beneficial to let
Johannes> sbuild create the source package *again* after it has
Johannes> already been produced for sbuild?
Sbuild can take a directory as input.
I
I want consistency between the case where there is a binary build and
the case where there is a source build.
I want --source because I want the source package to be included in the
.changes.
I want to use one tool, (sbuildh) rather than having my scripts care
about how it is being called.
For what it's worth, I think the policy question here is not a
significant one.
Holger is right that we should either fix policy or fix both
(tasksel-data and blends-tasks).
I think that is a bug that should get hashed out. I don't think it is
all that timely, and I don't think it matters much
I've played with systemd-networkd a bit.
It seems capable enough to handle this use case, but it has some
significant drawbacks.
It's not very backward compatible with expected sysadmin patterns. That
is, as a sysadmin, I'd expect ifup and ifdown to work. I expect to be
able to do things like
> "Didier" == Didier 'OdyX' Raboud writes:
Didier> That code is now in Debian (experimental), so yes, I do
Didier> expect you to act in good faith and report bugs you see. You
Didier> are obviously quite versed in how 'global' works, and that's
Didier>
> "Colin" == Colin Watson writes:
Colin> As a maintainer who has sometimes had cause to do similar
Colin> things, I'm concerned at the standard being applied here.
Colin> Could you perhaps review the history around groff 1.18.1.1 ->
Colin> 1.20 for
package: dpkg
version: 1.18.10
Hi. For a non-debian archive, I've been packaging up some disk images
into debian packages, because we tend to use debs for software
distribution.
It's not working very well.
When I run dpkg -x hadron-installer-efi_0.10_all.deb /tmp/foo,
I get
I heard back from doko today. We can expect a reply tomorrow. We also
talked briefly about the issue.
Realistically, i cannot imagine the TC coming to any final decision on
something like this in under three weeks. That timeline seems fairly
aggressive actually.
However, I think the TC could
Hi.
I'd really appreciate comments from debian-release on this issue.
Would debian-release like us to take this up?
If so, I have a proposal for how to fast-track this situation, but I am
only comfortable doing that if the release team is involved.
>>>>> "Lisandro" == Lisandro Damián Nicanor Pérez Meyer <perezme...@gmail.com>
>>>>> writes:
Lisandro> On miércoles, 11 de enero de 2017 09:39:25 ART Sam Hartman wrote:
>> Hi.
>>
>> As you are probably aware,
Hi.
As you are probably aware, the question of what to do about linking on
mips and stretch has been referred to the TC.
There's a reasonable probability that we're going to want to move very
quickly on this issue, and I wanted to reach out to you and see how we
could best work with you to
As a FYI, Matthias wrote to me in IRC just now indicating that he plans
to upload a patch in the next couple of days.
(He needs to get to the location where he has the right environment
before preparing the upload).
As such, I'm planning on holding off on calling for any votes.
> "Ian" == Ian Jackson writes:
Ian> You should explicitly state whether you want this NMU to be
Ian> DELAYED.
Good point.
I think we don't want a delay.
Updated the ballot in git.
> "Josh" == Josh Triplett writes:
Josh> As another technical alternative, which I haven't seen
Josh> mentioned elsewhere in this thread or related bug reports:
Josh> when I need to override a packaged binary or file temporarily
Josh> for debugging
I'll note that the practice of hard-coding paths is fairly common.
One common cause for this is programs that don't want to rely on PATH
for calling exec. Systemd is a particularly interesting example.
ExecStart and related arguments in systemd units are required to include
full paths.
I am
Like you I want to see global6 for stretch.
I'm not sure I want to see it bad enough to override someone.
I'd rank doing so above FD though but below a pure advice option.
> "Ron" == Ron writes:
Ron> Hi OdyX,
Ron> On Wed, Nov 16, 2016 at 03:23:47PM +0100, Didier 'OdyX' Raboud wrote:
>> Hi there,
>>
>> I've been mostly VAC, and only now found enough time to properly
>> read through this bug log. In the interest of
I'd really like to see the TC offer at least the following advice:
1) We believe that strong evidence is required to hold back integrating
new versions of software like global. The burden of proof is on those
who propose not to update, not on those who would like Debian to contain
current
So, what impact does having blends-tasks have besides wasting disk
space.
It adds tasks to the installer menu. Are those tasks we want on all
system installs or not?
If this is purely about disk space, I think it's less of an issue than
if it provides a bad user experience.
So,
can we (Debian) support SSL 1.1 with Shibboleth?
That is, are the patches something you're comfortable integrating as
Debian?
> "Chris" == Chris Leick writes:
Chris> Hi,
Chris> It seams, that the German translation isn't included in
Chris> version 1.15-1. Is there an issue with the translated file?
Chris> Please let me know, if I can help. The
You filed a substantially similar
>>>>> "Ian" == Ian Jackson <ijack...@chiark.greenend.org.uk> writes:
Ian> Sam Hartman writes ("Bug#841294: Global Ballot Thoughts"):
>> Like you I want to see global6 for stretch. I'm not sure I want
>> to see it bad enough
> "Ian" == Ian Jackson writes:
Ian> I know that you do not _set out_ reinforce Ron's position of
Ian> power over his victims. That is not your goal. You are trying
Ian> to come to an amicable settlement. You are trying to get
Ian> everyone
So, does someone want to propose a resolution so we can move this
forward?
Is our intent to override the maintainer or provide advice?
I don't care what the answer is but perhaps we want to be clear.
I'm fine with this ballot beyond that.
Perhaps we want to override the blends-tasks maintainers to the extent
that they disagree with the tasksel maintainers?
There was a trust router release in October.
At one level, this release is probably functional enough that it would
be nice to have included in stretch.
At another level,there have been enough upstream bugs files that I
don't think it's stable enough to include and support for the lifetime
> "Ole" == Ole Streicher writes:
Ole> We already have more that 5700 popcon-counted installations
Ole> with the blends selection in the installer. This should give
Ole> some base for that.
Hi.
Speaking with my TC hat on.
I don't find quoting popcon stats
control: -1 severity wishlist
> "Timo" == Timo Aaltonen writes:
Timo> Please add /etc/krb5.conf.d directory to the package and an
Timo> include directive in krb5.conf so that other packages can
Timo> provide snippets under the directory.
my initial reaction is that it seems like freeipa should stick freeipa
sockets in /run/freeipa not /run/krb5kdc.
However, it looks like the OTP plugin in the MIT code looks at this
patch although it doesn't create a socket there.
Note to myself for when I look at this bug after stretch release.
It's almost certainly impossible to get 1.15.1 into a point release of
stretch.
I think though the interesting question is whether this fix should go
into stretch.
In general, only important or release critical fixes can be included
after the freeze.
When you filed this bug as normal rather than
package: krb5-kdc
version: 1.15-1
severity: important
tags: fixed-upstream
krb5-kdc can fail to work at all on some systems where getaddrinfo(NULL)
returns a v6 wildcard address.
Depending on kernel modules and socket configuration, you can get
address family not supported even though v4 is
>
> The chair of the Debian Technical Committee will be:
>
> A: Keith Packard
> B: Didier Raboud
> C: Tollef Fog Heen
> D: Sam Hartman
> E: Phil Hands
> F: Margarita Manterola
> G: David Bremner
> ===END===
I vote B > F > D > C = E = A = G
signature.asc
Description: PGP signature
> ===BEGIN
>
> The Technical Committee recommends that David Bremner be
> appointed by the Debian Project Leader to the Technical Committee.
>
> A: Recommend to Appoint David Bremner
> B: Further Discussion
>
> ===END
I vote B > A
My vote is not a comment on any specific candidate.
As
OK.
OK.
If a couple of folks indicate this is an issue for them then it's a
simple enough fix it could be uploaded during the stretch lifecycle.
Hi. I will check this later today once I finish catching up from
debconf at $dayjob.
That said:
1) I did already confirm that if you handle .git correctly, everything
else works. That is, I moved the git directory to be a directory,
changed .git/config to remove a no-longer-necessary override
Hi.
I tested with dgit 4.1 and it worked well enough to dgit build-source.
I did not check through a full push mostly because I don't have any
packages to push ATM.
However if it works that well, I think it is conclusive.
> "Sean" == Sean Whitton writes:
Sean> Hello,
Sean> On Mon, Aug 14 2017, Ian Jackson wrote:
>> There are three situations I think:
>>
>> 1. fetch. There is a pristine-tar branch available somewhere.
>> You want to avoid downloading the
specified v4 wildcard
+address; regression over previous versions, Closes: #860767
+ * Fix SRV lookups to respect udp_preference_limit, regression over
+previous versions with OTP, Closes: #856307
+
+ -- Sam Hartman <hartm...@debian.org> Wed, 09 Aug 2017 12:19:50 -0400
+
krb5 (
> "Ian" == Ian Jackson writes:
That bug appears to be about a case where there are submodules in the
repository I give to dgit as input.
My case is different.
I have a super-repository of a lot of related packages with each
submodule corresponding to one
source package libradsec
dpkg-buildpackage: info: source version 0.0.5-3
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Sam Hartman
<hartm...@debian.org>
dpkg-buildpackage: info: host architecture amd64
fakeroot debian/rules clean
dh clean --wit
package: dgit
version: 3.12
What I'm really trying to do is to have dgit build my package with
sbuild, checking out the pristine-tar if necessary.
Why do I like that better than dgit fetch to guarantee I have the
tarball?
Well, perhaps I trust my local state more than the archive (I understand
(kdc crash on restrict_anon_to_tgt), , Closes:
+#832572
+ * fix for CVE-2016-3119: remote DOS with ldap for authenticated
+attackers, Closes: #819468
+ * Prevent requires_preauth bypass (CVE-2015-2694), Closes: #783557
+
+ -- Sam Hartman <hartm...@debian.org> Sun, 13 Aug 2017 18
I'm not actually sure I particularly want it removed from the system.
It's fair that it should be removed on purge though and I'll at least do
that.
Thanks for bringing this to my attention.
I'll definitely fix, although I'll end up applying a somewhat different
patch because of the build profiles support included in 1.15.1. SASL,
like LDAP would create a cycle in stage1 builds.
I expect a new version soon.
I don't have a good test
701 - 800 of 1322 matches
Mail list logo